# frozen_string_literal: true ## # This file is part of WhatWeb and may be subject to # redistribution and commercial restrictions. Please see the WhatWeb # web site for more information on licensing and terms of use. # http://www.morningstarsecurity.com/research/whatweb ## WhatWeb::Plugin.define "Spiceworks" do @author = "Brendan Coles " # 2011-05-23 @version = "0.1" @description = "Spiceworks' single, easy-to-use interface combines Network Inventory, Help Desk, Mapping, Reporting, Monitoring and Troubleshooting" @website = "http://www.spiceworks.com/product/" # ShodanHQ results as at 2011-05-23 # # 2,101 for spiceworks_session # 20 for -spiceworks_session spiceworks # Matches # @matches = [ # Meta Author { text: '' }, # Login Page # compatible browsers message { text: '

Spiceworks is compatible with modern browsers, and requires JavaScript, Cookies, and Stylesheets (CSS) to function correctly.

' }, # Login Page # Title { text: 'Spiceworks - Login Required' }, ] # Passive # def passive(target) m = [] # spiceworks_session cookie # Session cookie format: URL encoded base64 string beginning with "BAh7" # Terminated by "--" then followed by a md5 hash m << { name: "spiceworks_session cookie" } if target.headers["set-cookie"] =~ /spiceworks_session=BAh7[^\s]+--/ # spiceworks cookie m << { name: "spiceworks cookie" } if target.headers["set-cookie"] =~ /spiceworks=[a-f\d]{32}; path=\// # If a match was found unless m.empty? # Version Detection # Login Page # Logo HTML if /

<\/h1>/.match?(target.body) m << { version: target.body.scan(/

<\/h1>/)[0][0].insert(1, ".").insert(3, ".") } unless version.nil? end # Version Detection # General stylesheet if //.match?(target.body) m << { version: target.body.scan(//)[0][0].insert(1, ".").insert(3, ".") } end end # Return passive matches m end end