# frozen_string_literal: true ## # This file is part of WhatWeb and may be subject to # redistribution and commercial restrictions. Please see the WhatWeb # web site for more information on licensing and terms of use. # http://www.morningstarsecurity.com/research/whatweb ## WhatWeb::Plugin.define "Django" do @author = "Brendan Coles " # 2012-02-27 @version = "0.1" @description = "Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design." @website = "https://www.djangoproject.com/" # ShodanHQ results as at 2012-02-27 # # 878 for WSGIServer Python # Matches # @matches = [ # HTTP Server { certainty: 25, search: "headers[server]", regexp: /^WSGIServer\/[^\s]+ Python\/[^\s]+$/ }, # Debug message # source: django/views/debug.py { regexp: /
[\s]+

[\s]+You're seeing this error because you have DEBUG = True<\/code> in your[\s]+Django settings file/ }, # 404 Page # Debug message # source: django/views/debug.py { url: "/doesnotexist123highwaytothedangerzone", string: /

[\s]+Using the URLconf defined in ([^\.^\s]+)\.urls<\/code>,[\s]+Django tried these URL patterns, in this order:/ }, # Default Welcome Message # source: django/views/debug.py { regexp: 'Welcome to Django' }, # Default Welcome Message # Project Name # source: django/views/debug.py { string: /

  • Start your first app by running python ([^\/]+)\/manage\.py startapp \[appname\]<\/code>\.<\/li>/ }, # /admin # Login Page { regexp: /
    ]*" method="post" id="login-form">
    <\/div>/ }, # Login Page { certainty: 75, text: '' }, ] # Passive # def passive(target) m = [] unless target.headers["set-cookie"].nil? || target.headers["set-cookie"].empty? # Extract cookie names target.headers["set-cookie"].split("\n").each do |cookie| m << { string: cookie.split("=")[0], certainty: 75 } if cookie =~ /csrftoken=/ end end # Return passive match m end end