# frozen_string_literal: true ## # This file is part of WhatWeb and may be subject to # redistribution and commercial restrictions. Please see the WhatWeb # web site for more information on licensing and terms of use. # http://www.morningstarsecurity.com/research/whatweb ## WhatWeb::Plugin.define "Tilgin-Router" do @author = "Brendan Coles " # 2011-08-04 @version = "0.1" @description = "Tilgin router" @website = "http://www.tilgin.com/Products/" # Default Credentials # # Model Credentials # HG1311 (Tilgin Firmware) admin:admin # HG1351 (Tilgin Firmware) admin:admin # Vood 342 (Tilgin Swedish Firmware) Conf:admin # Vood 452W (Tilgin Firmware) Conf:admin # Vood 453W (Tilgin German Firmware) admin:admin # Google results as at 2011-08-04 # # 109 for "Welcome to the Tilgin router" "Status summary" intitle:VOOD # 59 for "Welcome to the Tilgin router" "Status summary" intitle:VOOD -www.killmail.org # Dorks # @dorks = [ '"Welcome to the Tilgin router" "Status summary" intitle:VOOD -www.killmail.org' ] # Matches # @matches = [ # h1 heading { text: '

Welcome to the Tilgin router

' }, # Title { text: 'VOOD', url: "/" }, # Wizard link { text: 'Run wizard for a quick and simple initial configuration.' }, # Menu { text: 'Status Help' }, # StyleSheet { text: '' }, ] # Passive # def passive(target) m = [] if /[\s]+[\s]+[\s]+

Product name:<\/TD>/.match?(target.body) # Model Detection if target.body =~ /[\s]+[\s]+[\s]+[\s]+[\s]+[\s]+

Product name:<\/TD>[\s]+	([^\s]+)<\/TD>[\s]+<\/TR>[\s]+
/ m << { model: $1.to_s } end # Firmware Version Detection if target.body =~ /
Software revision:<\/TD>[\s]+	([^\s]+)<\/TD>[\s]+<\/TR>[\s]+
Connection:<\/TD>/ m << { firmware: $1.to_s } end end # Return passive matches m end end