# frozen_string_literal: true # This file is part of WhatWeb and may be subject to # redistribution and commercial restrictions. Please see the WhatWeb # web site for more information on licensing and terms of use. # http://www.morningstarsecurity.com/research/whatweb ## # Version 0.2 # 2016-04-19 # Andrew Horton # Moved patterns from passive function to matches[] ## WhatWeb::Plugin.define "Conexant-EmWeb" do @author = "Brendan Coles " # 2010-10-30 @version = "0.2" @description = "This plugin identifies the Conexant-EmWeb DSL router web interface." @website = "http://www.conexant.com/" # Flexor 151 user Manual: http://www.voiptalk.org/products/pdf/Flexor_151_User_Manual.pdf # ShodanHQ results as at 2010-10-30 # # 54,859 ShodanHQ results for Conexant-EmWeb # Google results as at 2010-10-30 # # 4 for "The Login page is where you enter the Broadband User Name and" inurl:"/help.html" intitle:"help" # 1 for intitle:"AT-iMG634WA" "System Information" # 3 for intitle:"AT" "System Information" "Model Type" "Software Release" "Recovery Release" # Dorks # @dorks = [ '"The Login page is where you enter the Broadband User Name and" inurl:"/help.html" intitle:"help"' ] # Matches # @matches = [ # Authentication failed # Default table HTML and 401 status code { text: '', status: 401 }, # Flexor 151 # Default page # Default title { text: 'Flexor 151 Home', model: "Flexor 151" }, # Flexor 151 # Default page # Default working message HTML { text: '', model: "e-con TDL-3424M" }, # Allied Telesyn-iMG634WA # Default title { text: "AT-iMG634WA", model: "Allied Telesyn-iMG634WA" }, # Allied Telesyn-iMG606BD # Default title { text: "AT-iMG606BD", model: "Allied Telesyn-iMG606BD" }, # Allied Telesyn-iMG646BD # Default title { text: "AT-iMG646BD", model: "Allied Telesyn-iMG646BD" }, # Allied Telesyn # Default logo { md5: "1ddf1d795d6576316495844f824dc84f", url: "/images/banner2.gif", model: "Allied Telesyn-iMG634WA" }, # Allied Telesyn # Default logo { md5: "27bc3ddd5ca0799f0a9e1035f76b390c", url: "/images/banner2.gif", model: "AT-iMG646BD / AT-iMG606BD" }, # Allied Telesyn-iMG634A-R2 # Help page { text: '

Note: If "Checking Firmware Upgrades Automatically" or "Image Upgrade" fails then please contact your service provider.

', url: "/help.html", model: "Allied Telesyn-iMG634A-R2" }, # Server version { version: /Conexant-EmWeb\/([^\r^\n]+)/, search: "headers[server]" }, { version: /Virata-EmWeb\/([^\r^\n]+)/, search: "headers[server]" }, ] # Passive # def passive(target) m = [] # Check HTTP Header if target.headers["server"] =~ /Conexant-EmWeb\/([^\r^\n]+)/ || target.headers["server"] =~ /Virata-EmWeb\/([^\r^\n]+)/ # e-con # Model Detection # Default page # Default Logo m << { model: "e-con " + target.body.scan(/LOGO<\/td>
Flexor 151 is connected and working properly, for more information', model: "Flexor 151" }, # Flexor 151 # Default page # Default menu HTML { text: 'Advanced configuration: Voice Settings   Network Settings   QoS Settings', model: "Flexor 151" }, # Flexor 151 # Default page # Default h2 HTML { text: '

Flexor 151

', model: "Flexor 151" }, # e-con TDL-3424M # Default page # Default HTML { text: '
e-con TDL-3424M Ethernet Router

e-con ([^\s]+) Ethernet Router<\/h1>/).flatten.first } if target.body =~ /LOGO<\/td>

e-con ([^\s]+) Ethernet Router<\/h1>/ end m end # Aggressive # def aggressive(target) m = [] # Check HTTP Header if target.headers["server"] =~ /Conexant-EmWeb\/([^\r^\n]+)/ || target.headers["server"] =~ /Virata-EmWeb\/([^\r^\n]+)/ # Allied Telesyn # Status page url = URI.join(target.uri.to_s, "/status/Status_1.htm").to_s new_target = WhatWeb::Target.new(url) # Allied Telesyn # Status page # Model Detection m << { url: "/status/Status_1.htm", model: "Allied Telesyn-" + new_target.body.scan(/

Model Type<\/STRONG><\/TD>[\r\n\s]*([^<]+)<\/TD>/).flatten } if new_target.body =~ /Model Type<\/STRONG><\/TD>[\r\n\s]*([^<]+)<\/TD>/ # Allied Telesyn # Status page # MAC Address m << { url: "/status/Status_1.htm", string: new_target.body.scan(/MAC Address<\/STRONG><\/TD>[\r\n\s]*([^<]+)<\/TD>/).flatten } if new_target.body =~ /MAC Address<\/STRONG><\/TD>[\r\n\s]*([^<]+)<\/TD>/ # Allied Telesyn # iMG634A-R2 # Top frame url = URI.join(target.uri.to_s, "/webconfig/atl/top_frame.html").to_s new_target = WhatWeb::Target.new(url) m << { url: "/webconfig/atl/top_frame.html", model: new_target.body.scan(/^[\s]+([^<]+)<\/em>/).flatten } if new_target.body =~ /^[\s]+([^<]+)<\/em>/ # Allied Telesyn # iMG646BD / iMG606BD # Top frame url = URI.join(target.uri.to_s, "/ati_header_frame.html").to_s new_target = WhatWeb::Target.new(url) m << { url: "/ati_header_frame.html", model: new_target.body.scan(/^[\s]+([^<]+)<\/em>/).flatten } if new_target.body =~ /^[\s]+([^<]+)<\/em>/ end m end end