[prev in list] [next in list] [prev in thread] [next in thread]
List: openvas-cvs
Subject: [Openvas-commits] r3196 - in trunk/openvas-plugins: . scripts
From: scm-commit () wald ! intevation ! org
Date: 2009-04-25 19:03:36
Message-ID: 20090425190336.283F31C095 () pyrosoma ! intevation ! org
[Download RAW message or body]
Author: edjenguele
Date: 2009-04-25 21:03:34 +0200 (Sat, 25 Apr 2009)
New Revision: 3196
Added:
trunk/openvas-plugins/scripts/remote-ApacheOfbiz-defaultPwd.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
Added Apache OFBiz default administrator username and password vulnerability check
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2009-04-24 19:45:26 UTC (rev 3195)
+++ trunk/openvas-plugins/ChangeLog 2009-04-25 19:03:34 UTC (rev 3196)
@@ -1,11 +1,14 @@
2009-04-24 Christian Eric Edjenguele <christian.edjenguele@owasp.org>
+ * scripts/remote-ApacheOfbiz-defaultPwd.nasl:
+ Added new script
+
+2009-04-24 Christian Eric Edjenguele <christian.edjenguele@owasp.org>
* scripts/remote-ApacheOfbiz-htmlInjection.nasl,
* scripts/remote-detect-ApacheOfbiz.nasl,
* scripts/remote-Opentaps-htmlIjection.nasl:
Added new script remote-Opentaps-htmlIjection.nasl
Modified ofbiz scripts
-
2009-04-24 Michael Meyer <mime@gmx.de>
* scripts/dokeos_34633.nasl,
scripts/notftp_detect.nasl,
Added: trunk/openvas-plugins/scripts/remote-ApacheOfbiz-defaultPwd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/remote-ApacheOfbiz-defaultPwd.nasl 2009-04-24 \
19:45:26 UTC (rev 3195)
+++ trunk/openvas-plugins/scripts/remote-ApacheOfbiz-defaultPwd.nasl 2009-04-25 \
19:03:34 UTC (rev 3196) @@ -0,0 +1,107 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description:
+# This script the Apache Open For Business (Apache OFBiz) default administrator \
credentials vulnerability +#
+# remote-detect-ApacheOfbiz.nasl
+#
+# Author:
+# Christian Eric Edjenguele <christian.edjenguele@owasp.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 and later,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+
+if(description)
+{
+script_id(101023);
+name["english"] = "Apache Open For Business Weak Password security check";
+script_name(english:name["english"]);
+
+desc["english"] = "
+The remote host is running the Apache OFBiz with default administrator username and \
password. +Apache OFBiz is an Apache Top Level Project.
+As automation software it comprises a mature suite of enterprise applications that \
integrate +and automate many of the business processes of an enterprise.
+
+Impact:
+This allow an attacker to gain administrative access to the remote application
+
+Solution :
+You must change the default settings if you want to run it for production purposes,
+please refer to Apache OFBiz documentation, for further information on how to do \
this +
+Risk factor : High";
+
+script_description(english:desc["english"]);
+
+summary["english"] = "Apache Open For Business (Apache OFBiz) default administrator \
credentials vulnerability"; +
+script_summary(english:summary["english"]);
+
+script_category(ACT_ATTACK);
+
+script_copyright(english:"This script is Written by Christian Eric Edjenguele \
<christian.edjenguele@owasp.org> and released under GPL v2 or later"); \
+family["english"] = "Settings"; +script_family(english:family["english"]);
+script_dependencies("find_service.nes", "remote-detect-ApacheOfbiz.nasl");
+script_require_keys("ApacheOFBiz/port");
+script_require_ports("Services/www");
+
+
+exit(0);
+
+}
+
+#
+# The script code starts here
+#
+
+include("openvas-https.inc");
+include("misc_func.inc");
+include("http_func.inc");
+include("http_keepalive.inc");
+
+
+port = get_kb_item("ApacheOFBiz/port");
+module = 'webtools/control/login';
+report = '';
+host = get_host_name();
+postdata = string("USERNAME=admin&PASSWORD=ofbiz");
+
+if(!port){
+ port = 8443;
+ request = string("POST /", module, " HTTP/1.1\r\n",
+ "Content-Type: application/x-www-form-urlencoded\r\n",
+ "Content-Length: ", strlen(postdata),"\r\n",
+ "Host: ", get_host_name(),
+ "\r\n\r\n",
+ postdata);
+
+ reply = https_req_get(port, request);
+
+ if(reply){
+
+ welcomeMsg = egrep(pattern:"Welcome THE ADMIN.*", string:reply);
+
+ if(welcomeMsg){
+ report += "Apache OFBiz said: " + welcomeMsg + "You are using Apache OFBiz \
default ADMINISTRATOR username [admin] and pawssord [ofbiz], this can cause security \
problem in production environment"; + }
+ }
+}
+
+if(report)
+ security_note(port:port, data:report);
+
_______________________________________________
Openvas-commits mailing list
Openvas-commits@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic