# frozen_string_literal: true ## # This file is part of WhatWeb and may be subject to # redistribution and commercial restrictions. Please see the WhatWeb # web site for more information on licensing and terms of use. # http://www.morningstarsecurity.com/research/whatweb ## WhatWeb::Plugin.define "ApPHP-Calendar" do @author = "Brendan Coles " # 2011-03-20 @version = "0.1" @description = "The ApPHP Calendar (ApPHP CAL) is a powerful PHP calendar script that may be easily integrated and used with various PHP projects, such as schedulers, event processors etc. The calendar is very simple to install, implement and use." @website = "http://www.apphp.com/php-calendar/" # Google results as at 2011-03-20 # # 29 for Sunday Monday Tuesday Wednesday Thursday Friday +Satarday inurl:action inurl:view_type # Dorks # @dorks = [ 'Sunday Monday Tuesday Wednesday Thursday Friday "Satarday" inurl:action inurl:view_type' ] # Matches # @matches = [ # Version Detection # HTML Comment # This script was generated by { version: // }, # Table column headings # How do I spell Saturday? { text: "SundayMondayTuesdayWednesdayThursdayFridaySatarday" }, ] # Aggressive # def aggressive(target) m = [] # Local File Path Detection # Confirm match # Find application base path if target.body =~ // && target.uri.path =~ /\.php/ # Open application base url + "?view_type[]" target_url = target.uri.to_s.scan(/^([^\n]*\.php)/).to_s + "?view_type[]" new_target = WhatWeb::Target.new(target_url) # Extract local file path # PHP error m << { filepath: new_target.body.scan(/: The first argument should be either a string or an integer in ()?([^\n^<]+)(<\/b>)? on line ()?[\d]+(<\/b>)?/)[0][1] } if new_target.body =~ /: The first argument should be either a string or an integer in ()?([^\n^<]+)(<\/b>)? on line ()?[\d]+(<\/b>)?/ end # Return aggressive matches m end end