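# frozen_string_literal: true

##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##

# Fingerprints the NeXpose Security Console web interface.
# Passive signatures are listed in @matches; the aggressive check requests
# "/style/" and looks for the console's default error page title.
WhatWeb::Plugin.define "NeXpose-Security-Console" do
  @author = "Brendan Coles " # 2011-01-05
  @version = "0.1"
  @description = "NeXpose Security Console - Identifying vulnerabilities across networks, operating systems, databases, Web applications and a wide-range of system platforms through an integrated, intelligent scan engine, Rapid7 NeXpose prioritizes vulnerabilities using exploit risk scoring and asset criticality ratings. As a result, NeXpose customers benefit from lower risk exposure and remediation costs."
  @website = "http://www.rapid7.com/products/vulnerability-management.jsp"

  # 1 Google result for "JavaScript must be enabled before you can continue." @ 2011-01-05

  # TODO
  # Fingerprint using certificate :
  # ERROR: certificate common name `NeXpose Security Console' doesn't match requested host name `candi4.cirt.vt.edu'.

  # Matches #
  #
  # NOTE(review): several signatures in this copy of the plugin had lost their
  # markup and were reduced to `{ text: '' }` or `{ text: ' ' }`. An empty or
  # whitespace-only `text:` pattern is a substring of practically every
  # response body, so it would report unrelated hosts as NeXpose consoles.
  # Those entries are left out below; each one is marked where it stood so the
  # real pattern can be restored from the upstream plugin.
  @matches = [

    # Default Favicon HTML
    # (signature missing in this copy: was an empty `text:` pattern)

    # Default Favicon
    { md5: "e19ffb2bc890f5bdca20f10bfddb288d", url: "/style/image/favicon.ico" },

    # Login Page # Default JavaScript
    # (first signature missing in this copy: was an empty `text:` pattern)
    { text: "document.title = 'Log in to ' + document.nxp.skin.getProductName();" },

    # Login Page # Default form HTML
    # (two signatures missing in this copy: both were empty `text:` patterns)

    # Login Page # Default noscript HTML
    # (signature missing in this copy: was an empty `text:` pattern)

    # Error page # Default JavaScript
    # (three signatures missing in this copy: each was a single-space `text:` pattern)

    # Error page # Default Title
    { text: 'NeXpose Security Console :: Error' },

  ]

  # Aggressive #
  #
  # Sends one additional request, for "/style/" on the target host, and
  # checks the response for the console's default error page title.
  #
  # @param target the target being scanned; only target.uri is read here
  # @return [Array<Hash>] aggressive matches, empty when the error page title is not found
  def aggressive(target)
    # /style/ # Trigger error message
    url = URI.join(target.uri.to_s, "/style/").to_s
    new_target = WhatWeb::Target.new(url)

    # NOTE(review): assumes WhatWeb::Target makes the response body available
    # without an explicit fetch call - confirm against the Target class.
    # to_s keeps a nil body a plain non-match instead of an error.
    body = new_target.body.to_s

    m = []
    m << { name: "Default Error Page Title" } if body.match?(%r{NeXpose Security Console :: Error</title>})

    # Return aggressive matches
    m
  end
end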