New module: cups_version_scan to help with the vulnerable CUPS printer detection

Sam Stepanyan 2024-09-29 19:41:48 +01:00
parent 7c2479a00e
commit 546042dea5
2 changed files with 45 additions and 0 deletions


@ -12,6 +12,7 @@ OWASP Nettacker Modules can be of type **Scan** (scan for something), **Vuln** (
* '**citrix_lastpatcheddate_scan**' Scan the target and try to detect Citrix Netscaler Gateway and it's last patched date
* '**cms_detection_scan**' - Scan the target and try to detect the CMS (Wordpress, Drupal or Joomla) using response fingerprinting
* '**confluence_version_scan**' - Scan the target and identify the Confluence version
* '**cups_version_scan**' - Scan the target and identify the CUPS version (on port 631)
* '**dir_scan**' - Scan the target for well-known directories
* '**drupal_modules_scan**' - Scan the target for popular Drupal modules
* '**drupal_theme_scan**' - Scan the target for popular Drupal themes
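Review bot: The new `cups_version_scan` entry says the module will "identify the CUPS version" without saying where the version comes from. The module added in this commit only sends an HTTP GET to port 631 and matches the `Server` response header, so wording such as "detect the CUPS version from the HTTP Server header on port 631" would tell users that a host which does not return a CUPS banner will not be reported.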


@ -0,0 +1,44 @@
info:
name: cups_version_scan
author: OWASP Nettacker Team
severity: 3
description: fetch CUPS version from target to help identify CVE-2024-47176
reference: https://thehackernews.com/2024/09/critical-linux-cups-printing-system.html
profiles:
- scan
- http
- backup
- low_severity
- drupal
payloads:
- library: http
steps:
- method: get
timeout: 3
headers:
User-Agent: "{user_agent}"
allow_redirects: false
ssl: false
url:
nettacker_fuzzer:
input_format: "{{schema}}://{target}:{{ports}}/"
prefix: ""
suffix: ""
interceptors:
data:
schema:
- "http"
ports:
- 631
response:
condition_type: and
conditions:
status_code:
regex: \d\d\d
reverse: false
headers:
Server:
regex: (CUPS\/[0-9]+\.[0-9]+)
reverse: false
log: "response_dependent['headers']['Server']"
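Review bot: The `profiles` list includes `backup` and `drupal`, which appear unrelated to a CUPS banner check. Anyone running those profiles would also probe port 631, so I suggest dropping both and keeping `scan`, `http` and `low_severity`. The `Server` regex `(CUPS\/[0-9]+\.[0-9]+)` matches only major.minor, which may be too coarse for the CVE-2024-47176 triage the description mentions; allowing an optional third version component would make the match more specific. The `status_code` regex `\d\d\d` accepts every response, so under `condition_type: and` it contributes nothing and can be removed. With `ssl: false` and only the `http` schema, a listener on 631 that requires TLS will be missed; consider adding `https` to the schema list.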