New module: crushftp_lastpatcheddate_scan (#1124)

* crushftp_lastpatcheddate_scan module

* docs update

* Fix typos found by code-rabbit

Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>

---------

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Sam Stepanyan 2025-08-13 01:02:26 +01:00 committed by GitHub
parent 2cb512bbc0
commit 518321718c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 47 additions and 0 deletions

@ -12,6 +12,7 @@ OWASP Nettacker Modules can be of type **Scan** (scan for something), **Vuln** (
* '**citrix_lastpatcheddate_scan**' Scan the target and try to detect Citrix Netscaler Gateway and it's last patched date * '**citrix_lastpatcheddate_scan**' Scan the target and try to detect Citrix Netscaler Gateway and it's last patched date
* '**cms_detection_scan**' - Scan the target and try to detect the CMS (Wordpress, Drupal or Joomla) using response fingerprinting * '**cms_detection_scan**' - Scan the target and try to detect the CMS (Wordpress, Drupal or Joomla) using response fingerprinting
* '**confluence_version_scan**' - Scan the target and identify the Confluence version * '**confluence_version_scan**' - Scan the target and identify the Confluence version
* '**crushftp_lastpatcheddate_scan**' - Scan the target and try to detect CrushFTP and its last patched date
* '**cups_version_scan**' - Scan the target and identify the CUPS version (on port 631) * '**cups_version_scan**' - Scan the target and identify the CUPS version (on port 631)
* '**dir_scan**' - Scan the target for well-known directories * '**dir_scan**' - Scan the target for well-known directories
* '**drupal_modules_scan**' - Scan the target for popular Drupal modules * '**drupal_modules_scan**' - Scan the target for popular Drupal modules

@ -0,0 +1,46 @@
info:
name: crushftp_lastpatcheddate_scan
author: OWASP Nettacker Team
severity: 3
description: CrushFTP Last Patched Date Scan
reference:
profiles:
- scan
- http
- crushftp
- low_severity
payloads:
- library: http
steps:
- method: head
timeout: 3
headers:
User-Agent: "{user_agent}"
allow_redirects: false
ssl: false
url:
nettacker_fuzzer:
input_format: "{{schema}}://{target}:{{ports}}/WebInterface/CrushTunnel.jar"
prefix: ""
suffix: ""
interceptors:
data:
schema:
- "http"
- "https"
ports:
- 80
- 443
- 8080
response:
condition_type: and
log: "response_dependent['headers']['Last-Modified']"
conditions:
status_code:
regex: "200"
reverse: false
headers:
Last-Modified:
regex: .*
reverse: false
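
Review bot: the response conditions at the end of the file match any 200 response that carries a Last-Modified header, because the header check is `regex: .*`, so a server that answers 200 for unknown paths would be reported as CrushFTP with an unrelated date. Suggest adding a condition that ties the response to CrushFTP or to a JAR file (for example a Content-Type or Server header match) and narrowing the Last-Modified regex to the HTTP-date shape. The `reference:` key is also left empty; a link explaining why the timestamp of CrushTunnel.jar tracks the patch level would document the assumption the module rests on.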