Nmap Development mailing list archives
[NSE] F5 BIG-IP addition to http-default-accounts-fingerprints
From: nnposter () users sourceforge net
Date: Tue, 4 Feb 2014 0:27:25 +0000
The following patch adds a fingerprint for F5 BIG-IP Configuration
Utility to http-default-accounts-fingerprints.lua. Tested with firmware
11.4.1.
Cheers,
nnposter
Patch against revision 32698 follows:
--- nselib/data/http-default-accounts-fingerprints.lua.orig 2014-02-03 16:25:28.654937400 -0700
+++ nselib/data/http-default-accounts-fingerprints.lua 2014-02-03 16:36:16.533937400 -0700
@@ -230,6 +230,26 @@
end
})
+table.insert(fingerprints, {
+ name = "F5 BIG-IP",
+ category = "routers",
+ paths = {
+ {path = "/tmui/login.jsp"}
+ },
+ target_check = function (host, port, path, response)
+ return response.status == 200
+ and response.header["f5-login-page"] == "true"
+ and response.body
+ and response.body:find("logmein.html",1,true)
+ end,
+ login_combos = {
+ {username = "admin", password = "admin"}
+ },
+ login_check = function (host, port, path, user, pass)
+ return try_http_post_login(host, port, path, "logmein.html", "login%.jsp%?msgcode=1", {username=user, passwd=pass})
+ end
+})
+
---
--Digital recorders
---
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] F5 BIG-IP addition to http-default-accounts-fingerprints nnposter (Feb 03)
- Re: [NSE] F5 BIG-IP addition to http-default-accounts-fingerprints George Chatzisofroniou (Mar 02)