Nmap Development mailing list archives
Re: [NSE] IBM Websphere Application Server helper scripts
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 29 Dec 2015 07:38:26 -0600
Kost, Thanks for submitting these! I'm looking at them carefully for inclusion, and I think that the http-websphere-console script could be included as the following fingerprint for http-enum: table.insert(fingerprints, { category = 'management', probes = { "/ibm/console/logon.jsp?action=OK", "/console/", "/console/portal/0/Welcome" }, matches = { { match = "[Ww][Ee][Bb][Ss][Pp][Hh][Ee][Rr][Ee]", output = "WebSphere" }, { match = "WSC Console Federation", output = "WebSphere Commerce" }, } }) I've attached a patch to add this to http-fingerprints.lua, and you can test it with --script http-enum --script-args http-enum.category=management I'm working on some changes to http-wordpress-brute (on which you based the websphere-brute script) so when those are ironed out, I'll apply them to http-websphere-brute, too, and ask that you test it. Dan On Sun, Jul 12, 2015 at 11:58 PM, Vlatko Kosturjak <kost () linux hr> wrote:
Hello! IBM WebSphere is application server similar to Tomcat, JBoss and WebLogic. Therefore, it should be interesting to any penetration tester doing enterprise scale work where Websphere might be present. It should be also interesting to anyone who is working on securing enterprise environment since Websphere allows deploying own (malicious or not) code to the server. I have written NSE scripts to identify IBM Websphere consoles of application servers and to brute force any usernames and passwords. Scripts are also available at: https://github.com/kost/nmap-nse For demonstration purposes, I have demonstrated basic NSE scripts usage at my blog: https://k0st.wordpress.com/2015/07/13/identifying-and-exploiting-ibm-websphere-application-server/ There you can find also basics of WebSphere exploitation. Hope it helps, -- Vlatko Kosturjak - KoSt _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Attachment:
websphere.patch
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] IBM Websphere Application Server helper scripts Daniel Miller (Dec 29)
- Re: [NSE] IBM Websphere Application Server helper scripts Daniel Miller (Dec 31)