diff --git a/GLPIScan.py b/GLPIScan.py
index 0ac7ba1..393de9f 100644
--- a/GLPIScan.py
+++ b/GLPIScan.py
@@ -10,13 +10,14 @@
print(chalk.white("\\ \\ \\__ \\ \\ \\ \\____ \\ \\ __/ \\ \\ \\ \\ \\___ \\ \\ \\ \\____ \\ \\ __ \\ \\ \\ \\-. \\ ", bold=True))
print(chalk.white(" \\ \\_____\\ \\ \\_____\\ \\ \\_\\ \\ \\_\\ \\/\\_____\\ \\ \\_____\\ \\ \\_\\ \\_\\ \\ \\_\\\"\\_\\", bold=True))
print(chalk.white(" \\/_____/ \\/_____/ \\/_/ \\/_/ \\/_____/ \\/_____/ \\/_/\\/_/ \\/_/ \\/_/", bold=True))
-print(chalk.white(" v1.0 contact[@]digitemis.com\n\n\n", bold=True))
+print(chalk.white(" v1.1 contact[@]digitemis.com\n\n\n", bold=True))
def parsing():
parser = argparse.ArgumentParser(description='GLPI Vulnerability Scanner.')
parser.add_argument('-u', dest='url', metavar="url", required=True, help='URL of GLPI application')
parser.add_argument('-a', dest='allcheck', action='store_true', default=False, help='Perform allcheck')
parser.add_argument('-c', dest='credscheck', action='store_true', default=False, help='Perform Credential Check')
+ parser.add_argument('-C', dest='credsfile', action='store_true', default=False, help='Perform Credential Check with specific wordlist (user:password)')
parser.add_argument('-f', dest='filescheck', action='store_true', default=False, help='Perform Files Check')
parser.add_argument('-p', dest='pluginscheck', action='store_true', default=False, help='Perform Plugin Check')
parser.add_argument('-d', dest='debug', action='store_true', default=False, help='Debug mode')
@@ -26,6 +27,7 @@ def parsing():
Config.BASE_URL = args.url
Config.ALLCHECK = args.allcheck
Config.CREDSCHECK = args.credscheck
+ Config.CREDSFILE = args.credsfile
Config.FILESCHECK = args.filescheck
Config.PLUGINSCHECK = args.pluginscheck
diff --git a/README.md b/README.md
index 25d57a2..f577ddc 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,67 @@
# GLPIScan
+
GLPIScan is a vulnerability scanner for GLPI.
+
+## Prerequisites
+
+* pychalk >= 2.0.1 - Recommended: latest
+* requests >= 2.18.4 - Recommended: latest
+* urllib3 >= 1.22 - Recommended: latest
+* packaging >= 19.0 - Recommended: latest
+
+## Installation
+
+In order to install GLPIScan, you only need to clone the repository, and install the python dependencies using the requirements.txt
+
+
+```bash
+$ pip install -r requirements.txt
+```
+
+## Usage
+
+List of options :
+
+```
+usage: GLPIScan.py [-h] -u url [-a] [-c] [-f] [-p] [-d]
+
+GLPI Vulnerability Scanner.
+
+optional arguments:
+ -h, --help show this help message and exit
+ -u url URL of GLPI application
+ -a Perform allcheck
+ -c Perform Credential Check
+ -f Perform Files Check
+ -p Perform Plugin Check
+ -d Debug mode
+```
+
+Most common usage :
+
+```bash
+$ python GLPIScan.py -u http://glpi/ -a
+```
+
+## Further configuration
+
+The inc/Config.py file contain addiditional parameters.
+
+The parameter "PROXY" allow you to configure a proxy :
+```python
+PROXY = {"http" : "http://127.0.0.1:8080", "https" : "https://127.0.0.1:8080"}
+```
+
+The parameter "HEADER" allow you yo add custom header to each request
+```python
+HEADERS = {"X-FORWARDED-FOR" : "127.0.0.1"}
+```
+The parameter "VERSION" allow you force the version of the scanned GLPI (if you already know the version) :
+```python
+VERSION = "9.4.0" # for GLPI version 9.4.0
+```
+
+## Authors
+
+* **David CARNOT** - [Digitemis](https://www.digitemis.com/)
+* **Erwan R.** - [Digitemis](https://www.digitemis.com/)
\ No newline at end of file
diff --git a/inc/AjaxTelemetry.py b/inc/AjaxTelemetry.py
new file mode 100644
index 0000000..c32195b
--- /dev/null
+++ b/inc/AjaxTelemetry.py
@@ -0,0 +1,23 @@
+#!/usr/bin/python
+
+import Config
+
+import chalk
+
+class AjaxTelemetry:
+
+ def getPluginVersion(self, info, name):
+ try:
+ for plugin in Config.AJAX_TELEMETRY['glpi']['plugins']:
+ if plugin['key'] == name:
+ print(chalk.white('\t[+] Version of [', bold=True) + chalk.yellow(info[1], bold=True) + chalk.white('] : [', bold=True) + chalk.yellow(plugin['version'], bold=True) + chalk.white(']', bold=True))
+ return plugin['version']
+ except:
+ return False
+
+ def getGLPIVersion(self):
+ try:
+ Config.VERSION = Config.AJAX_TELEMETRY['glpi']['version']
+ return True
+ except:
+ return False
diff --git a/inc/Config.py b/inc/Config.py
index 9fa120b..3dfcbef 100644
--- a/inc/Config.py
+++ b/inc/Config.py
@@ -13,6 +13,9 @@
# Version of the scanned GLPI
VERSION = ""
+# Default value of JSON Telemetry page
+AJAX_TELEMETRY = {}
+
# By default do not perfom all checks on GLPI
ALLCHECK = False
@@ -25,6 +28,12 @@
# By default do not perfom plugins checks on GLPI
PLUGINSCHECK = False
+# Proxy configuration
+PROXY = {"http" : "", "https" : ""}
+
+# Custom header configuration {"header" : "value"}
+HEADERS = {}
+
COOKIE = ""
FILES = ['/ajax/telemetry.php',
@@ -45,7 +54,7 @@
['normal', 'normal']]
# ['URL_VERIFY', 'PLUGIN_NAME', 'PLUGIN_URL', 'PLUGIN_CLASS']
-PLUGINS = [['/plugins/addressing/LICENSE', 'IP Report', 'https://plugins.glpi-project.org/#/plugin/addressing', False],
+PLUGINS = [['/plugins/addressing/LICENSE', 'IP Report', 'https://plugins.glpi-project.org/#/plugin/addressing', 'PluginAddressing'],
['/plugins/fusioninventory/js/footer.js', 'FusionInventory', 'https://plugins.glpi-project.org/#/plugin/fusioninventory', 'PluginFusionInventory'],
['/plugins/dashboard/changelog.txt', 'Dashboard', 'https://plugins.glpi-project.org/#/plugin/dashboard', 'PluginDashboard'],
['/plugins/datainjection/datainjection.xml', 'Data Injection', 'https://plugins.glpi-project.org/#/plugin/datainjection', 'PluginDataInjection'],
@@ -53,46 +62,46 @@
['/plugins/formcreator/package.json', 'FormCreator', 'https://plugins.glpi-project.org/#/plugin/formcreator', 'PluginFormCreator'],
['/plugins/genericobject/genericobject.xml', 'Generic Objects Management', 'https://plugins.glpi-project.org/#/plugin/genericobject', 'PluginGenericObjectsManagement'],
['/plugins/mreporting/mreporting.xml', 'More Reporting', 'https://plugins.glpi-project.org/#/plugin/mreporting', 'PluginMoreReporting'],
- ['/plugins/ocsinventoryng/docs/CHANGELOG.txt', 'OCS Inventory NG', 'https://plugins.glpi-project.org/#/plugin/ocsinventoryng', False],
- ['/plugins/reports/LICENSE', 'Reports', 'https://plugins.glpi-project.org/#/plugin/reports', False],
+ ['/plugins/ocsinventoryng/docs/CHANGELOG.txt', 'OCS Inventory NG', 'https://plugins.glpi-project.org/#/plugin/ocsinventoryng', 'PluginOCSInventoryng'],
+ ['/plugins/reports/LICENSE', 'Reports', 'https://plugins.glpi-project.org/#/plugin/reports', 'PluginReports'],
['/plugins/pdf/LICENSE', 'PDF', 'https://plugins.glpi-project.org/#/plugin/pdf', False],
- ['/plugins/archires/LICENSE', 'Network Architecture', 'https://plugins.glpi-project.org/#/plugin/archires', False],
+ ['/plugins/archires/LICENSE', 'Network Architecture', 'https://plugins.glpi-project.org/#/plugin/archires', 'PluginArchires'],
['/plugins/room/room.xml', 'Room Management', 'https://plugins.glpi-project.org/#/plugin/room', 'PluginRoom'],
['/plugins/racks/locales/glpi.pot', 'Racks / Bays Management', 'https://plugins.glpi-project.org/#/plugin/racks', 'PluginRacks'],
['/plugins/manageentities/LICENSE', 'Entities Management', 'https://plugins.glpi-project.org/#/plugin/manageentities', False],
['/plugins/accounts/LICENSE', 'Accounts Inventory', 'https://plugins.glpi-project.org/#/plugin/accounts', False],
- ['/plugins/appliances/LICENSE', 'Appliances Inventory', 'https://plugins.glpi-project.org/#/plugin/appliances', False],
+ ['/plugins/appliances/LICENSE', 'Appliances Inventory', 'https://plugins.glpi-project.org/#/plugin/appliances', 'PluginAppliances'],
['/plugins/badges/locales/glpi.pot', 'Badges Inventory', 'https://plugins.glpi-project.org/#/plugin/badges', 'PluginBadgesInventory'],
['/plugins/certificates/LICENSE', 'Certificates Inventory', 'https://plugins.glpi-project.org/#/plugin/certificates', False],
- ['/plugins/databases/LICENSE', 'Databases Inventory', 'https://plugins.glpi-project.org/#/plugin/databases', False],
+ ['/plugins/databases/LICENSE', 'Databases Inventory', 'https://plugins.glpi-project.org/#/plugin/databases', 'PluginDatabases'],
['/plugins/domains/locales/glpi.pot', 'Domains Inventory', 'https://plugins.glpi-project.org/#/plugin/domains', 'PluginDomainsInventory'],
['/plugins/financialreports/LICENSE', 'Financial Reports', 'https://plugins.glpi-project.org/#/plugin/financialreports', False],
['/plugins/environment/LICENSE', 'Meta-Plugin Environment', 'https://plugins.glpi-project.org/#/plugin/environment', False],
['/plugins/shellcommands/locales/glpi.pot', 'Launch Shell Commands', 'https://plugins.glpi-project.org/#/plugin/shellcommands', 'PluginLaunchShellCommands'],
- ['/plugins/webapplications/LICENSE', 'Web Applications Inventory', 'https://plugins.glpi-project.org/#/plugin/webapplications', False],
+ ['/plugins/webapplications/LICENSE', 'Web Applications Inventory', 'https://plugins.glpi-project.org/#/plugin/webapplications', 'PluginWebApplications'],
['/plugins/order/plugin.xml', 'Order Management', 'https://plugins.glpi-project.org/#/plugin/order', 'PluginOrderManagement'],
['/plugins/uninstall/uninstall.xml', 'Uninstall', 'https://plugins.glpi-project.org/#/plugin/uninstall', 'PluginUninstall'],
['/plugins/geninventorynumber/plugin.xml', 'Inventory Number Generation', 'https://plugins.glpi-project.org/#/plugin/geninventorynumber', 'PluginInventoryNumberGeneration'],
- ['/plugins/behaviors/LICENSE', 'Behaviors', 'https://plugins.glpi-project.org/#/plugin/behaviors', False],
+ ['/plugins/behaviors/LICENSE', 'Behaviors', 'https://plugins.glpi-project.org/#/plugin/behaviors', 'PluginBehaviors'],
['/plugins/barcode/barcode.xml', 'Barcode', 'https://plugins.glpi-project.org/#/plugin/barcode', 'PluginBarcode'],
['/plugins/positions/locales/glpi.pot', 'Cartography', 'https://plugins.glpi-project.org/#/plugin/positions', 'PluginCartography'],
['/plugins/typology/locales/glpi.pot', 'Typology', 'https://plugins.glpi-project.org/#/plugin/typology', 'PluginTypology'],
['/plugins/mask/mask.xml', 'Mask', 'https://plugins.glpi-project.org/#/plugin/mask', 'PluginMask'],
- ['/plugins/surveyticket/LICENSE', 'SurveyTicket', 'https://plugins.glpi-project.org/#/plugin/surveyticket', False],
+ ['/plugins/surveyticket/LICENSE', 'SurveyTicket', 'https://plugins.glpi-project.org/#/plugin/surveyticket', 'PluginSurveyTicket'],
['/plugins/mantis/mantis.xml', 'MantisBT synchronization', 'https://plugins.glpi-project.org/#/plugin/mantis', 'PluginMantis'],
- ['/plugins/reservation/LICENCE', 'Reservation', 'https://plugins.glpi-project.org/#/plugin/reservation', False],
+ ['/plugins/reservation/LICENCE', 'Reservation', 'https://plugins.glpi-project.org/#/plugin/reservation', 'PluginReservation'],
['/plugins/timezones/timezones.xml', 'Timezones', 'https://plugins.glpi-project.org/#/plugin/timezones', 'PluginTimezones'],
['/plugins/sccm/sccm.xml', 'SCCM', 'https://plugins.glpi-project.org/#/plugin/sccm', 'PluginSCCM'],
['/plugins/tag/plugin.xml', 'Tag', 'https://plugins.glpi-project.org/#/plugin/tag', 'PluginTag'],
['/plugins/news/plugin.xml', 'News', 'https://plugins.glpi-project.org/#/plugin/news', 'PluginNews'],
['/plugins/purgelogs/plugin.xml', 'Historical purge', 'https://plugins.glpi-project.org/#/plugin/purgelogs', 'PluginHistoricalPurge'],
['/plugins/escalade/escalade.xml', 'Escalade', 'https://plugins.glpi-project.org/#/plugin/escalade', 'PluginEscalade'],
- ['/plugins/moreticket/LICENSE', 'Moreticket', 'https://plugins.glpi-project.org/#/plugin/moreticket', False],
+ ['/plugins/moreticket/LICENSE', 'Moreticket', 'https://plugins.glpi-project.org/#/plugin/moreticket', 'PluginMoreTicket'],
['/plugins/itilcategorygroups/itilcategorygroups.xm l', 'ItilCategory Groups', 'https://plugins.glpi-project.org/#/plugin/itilcategorygroups', 'PluginItilCategoryGroups'],
- ['/plugins/consumables/LICENSE', 'Consumables', 'https://plugins.glpi-project.org/#/plugin/consumables', False],
- ['/plugins/printercounters/LICENSE', 'PrinterCounters', 'https://plugins.glpi-project.org/#/plugin/printercounters', False],
+ ['/plugins/consumables/LICENSE', 'Consumables', 'https://plugins.glpi-project.org/#/plugin/consumables', 'PluginConsumables'],
+ ['/plugins/printercounters/LICENSE', 'PrinterCounters', 'https://plugins.glpi-project.org/#/plugin/printercounters', 'PluginPrinterCounters'],
['/plugins/processmaker/processmaker.xml', 'Processmaker', 'https://plugins.glpi-project.org/#/plugin/processmaker', 'PluginProcessmaker'],
- ['/plugins/seasonality/README.md', 'Seasonality', 'https://plugins.glpi-project.org/#/plugin/seasonality', False],
+ ['/plugins/seasonality/README.md', 'Seasonality', 'https://plugins.glpi-project.org/#/plugin/seasonality', 'PluginSeasonality'],
['/plugins/tasklists/locales/glpi.pot', 'Tasks List (Kanban)', 'https://plugins.glpi-project.org/#/plugin/tasklists', 'PluginTasksList'],
['/plugins/mailanalyzer/mailanalyzer.xml', 'Mail Analyzer', 'https://plugins.glpi-project.org/#/plugin/mailanalyzer', 'PluginMailAnalyzer'],
['/plugins/mydashboard/locales/glpi.pot', 'My Dashboard', 'https://plugins.glpi-project.org/#/plugin/mydashboard', 'PluginMyDashboard'],
@@ -108,9 +117,9 @@
['/plugins/glpi2mdt/glpi2mdt.xml', 'GLPI to MDT connector', 'https://plugins.glpi-project.org/#/plugin/glpi2mdt', 'PluginMDTConnector'],
['/plugins/telegrambot/telegrambot.xml', 'TelegramBot', 'https://plugins.glpi-project.org/#/plugin/telegrambot', 'PluginTelegramBot'],
['/plugins/cleanarchivedemails/cleanarchivedemails.xml', 'Clean Archived Emails', 'https://plugins.glpi-project.org/#/plugin/cleanarchivedemails', 'PluginCleanArchivedEmails'],
- ['/plugins/officeonline/js/officeonline.js', 'Office Online', 'https://plugins.glpi-project.org/#/plugin/officeonline', False],
- ['/plugins/satisfaction/satisfaction.js', 'More satisfaction', 'https://plugins.glpi-project.org/#/plugin/satisfaction', False],
- ['/plugins/gdrive/README.md', 'GDrive', 'https://plugins.glpi-project.org/#/plugin/GDrive', False],
+ ['/plugins/officeonline/js/officeonline.js', 'Office Online', 'https://plugins.glpi-project.org/#/plugin/officeonline', 'PluginOfficeOnline'],
+ ['/plugins/satisfaction/satisfaction.js', 'More satisfaction', 'https://plugins.glpi-project.org/#/plugin/satisfaction', 'PluginMoreSatisfaction'],
+ ['/plugins/gdrive/README.md', 'GDrive', 'https://plugins.glpi-project.org/#/plugin/GDrive', 'PluginGDrive'],
['/plugins/archisw/archisw.xml', 'Apps structure inventory', 'https://plugins.glpi-project.org/#/plugin/archisw', 'PluginAppsStructureInventory'],
['/plugins/dataflows/dataflows.xml', 'Dataflows inventory', 'https://plugins.glpi-project.org/#/plugin/dataflows', 'PluginDataflowsInventory'],
['/plugins/statecheck/statecheck.xml', 'Statecheck', 'https://plugins.glpi-project.org/#/plugin/statecheck', 'PluginStatecheck'],
@@ -118,8 +127,9 @@
['/plugins/metabase/metabase.xml', 'Metabase', 'https://plugins.glpi-project.org/#/plugin/metabase', 'PluginMetabase'],
['/plugins/orderservice/orderservice.xml', 'Order Service', 'https://plugins.glpi-project.org/#/plugin/orderservice', 'PluginOrderService'],
['/plugins/glpicheckingversion/glpicheckingversion.xml', 'GLPI Checking Version', 'https://plugins.glpi-project.org/#/plugin/glpicheckingversion', 'PluginGLPICheckingVersion'],
- ['/plugins/taskdrop/LICENSE', 'Task n Drop', 'https://plugins.glpi-project.org/#/plugin/TaskDrop', False],
+ ['/plugins/taskdrop/LICENSE', 'Task n Drop', 'https://plugins.glpi-project.org/#/plugin/TaskDrop', 'PluginTaskDrop'],
['/plugins/impacts/impacts.xml', 'Impacts', 'https://plugins.glpi-project.org/#/plugin/impacts', 'PluginImpacts'],
+ ['/plugins/manufacturersimports/LICENSE', 'Manufacturers Web Imports', 'https://plugins.glpi-project.org/#/plugin/manufacturersimports', 'PluginManufacturersImports'],
]
# ['VENDOR', ['OPERANDE', 'VERSION'], 'DESC' ,'LINK', 'CVE']
@@ -148,6 +158,10 @@
['GLPI', [['<', '9.1.5.1']], 'SQL injection in front/rulesengine.test.php' ,'https://github.com/glpi-project/glpi/issues/2476', 'CVE-2017-11475'],
['GLPI', [['<=', '9.2.1']], 'Remote code execution' ,'https://github.com/bowline90/RemoteCodeUploadGLPI', 'CVE-2018-7562'],
['GLPI', [['<=', '9.3.3']], 'Pre-authenticated SQL injection' ,'https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf', 'CVE-2019-10232'],
- ['GLPI', [['<=', '9.4.1.1']], 'Type juggling authentication bypass', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Type_juggling_auth_bypass.pdf', 'CVE-2019-10231'],
- ['GLPI', [['<=', '9.4.1.1']], 'Timing attack user enumeration', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Timing_attack_user_enumeration.pdf', 'CVE-2019-10233'],
- ['FusionInventory', [['<=', '9.4.0']], 'Arbitrary PHP function call', 'https://www.synacktiv.com/ressources/GLPI_FusionInventory_9.4.0_Arbitrary_call_user_func_array.pdf', 'CVE-2019-10477']]
+ ['GLPI', [['>=', '9.3'], ['<', ' 9.3.4']], 'Type juggling authentication bypass', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Type_juggling_auth_bypass.pdf', 'CVE-2019-10231'],
+ ['GLPI', [['>=', '9.4'], ['<', ' 9.4.1.1']], 'Type juggling authentication bypass', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Type_juggling_auth_bypass.pdf', 'CVE-2019-10231'],
+ ['GLPI', [['>=', '9.3'], ['<', ' 9.3.4']], 'Timing attack user enumeration', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Timing_attack_user_enumeration.pdf', 'CVE-2019-10233'],
+ ['GLPI', [['>=', '9.4'], ['<', ' 9.4.1.1']], 'Timing attack user enumeration', 'https://www.synacktiv.com/ressources/GLPI_9.4.0_Timing_attack_user_enumeration.pdf', 'CVE-2019-10233'],
+ ['FusionInventory', [['>=', '9.3'], ['<', ' 9.3+1.4']], 'Arbitrary PHP function call', 'https://www.synacktiv.com/ressources/GLPI_FusionInventory_9.4.0_Arbitrary_call_user_func_array.pdf', 'CVE-2019-10477'],
+ ['FusionInventory', [['>=', '9.4'], ['<', ' 9.4+1.1']], 'Arbitrary PHP function call', 'https://www.synacktiv.com/ressources/GLPI_FusionInventory_9.4.0_Arbitrary_call_user_func_array.pdf', 'CVE-2019-10477'],
+ ]
diff --git a/inc/Credentials.py b/inc/Credentials.py
index 42738d6..30bc576 100644
--- a/inc/Credentials.py
+++ b/inc/Credentials.py
@@ -2,17 +2,26 @@
import Config
-import requests, chalk
+import requests, chalk, re
class CredentialsCheck:
+ def checkAuthent(self, request, user):
+ if request.status_code == 302:
+ print(chalk.white('[+] Valid user account found : ', bold=True) + chalk.red(user[0] + ':' + user[1], bold=True))
+ elif request.status_code == 200 and request.content.find("window.location='/front/") != -1:
+ print(chalk.white('[+] Valid user account found : ', bold=True) + chalk.red(user[0] + ':' + user[1], bold=True))
+
def getLoginField(self, content):
- login = content[content.find('')])
+
+ def getVersion(self, request):
+ try:
+ version = request.content[request.content.find('GLPI version ')+len('GLPI version '):]
+ version = version[:version.find(' Copyright')]
+ Version(version)
+ return version
+ except:
+ pass
+ try:
+ version = request.content[request.content.find('?v=')+len('?v='):]
+ version = version[:version.find('"')]
+ Version(version)
+ return version
+ except:
+ pass
+ try:
+ version = request.content[request.content.find('">GLPI ')+len('">GLPI '):]
+ version = version[:version.find(' Copyright')]
+ Version(version)
+ return version
+ except:
+ return False
+
+ def checkVersion(self):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL)
- r = requests.get(Config.BASE_URL, verify=False)
- version = r.content[r.content.find('?v=')+len('?v='):]
- version = version[:version.find('"')]
- Config.VERSION = version
+ if not Config.VERSION:
+ if not AjaxTelemetry.AjaxTelemetry().getGLPIVersion():
+ r = requests.get(Config.BASE_URL, verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
+ Config.VERSION = self.getVersion(r)
+ if not Config.VERSION:
+ print(chalk.white('[!] Cannot find GLPI Version', bold=True))
+ return False
print(chalk.white('[+] Version of GLPI : ', bold=True) + chalk.yellow(Config.VERSION, bold=True))
Exploits.ExploitsCheck().verifExploit('GLPI', Config.VERSION)
-
+
def checkServer(self):
try:
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL)
- r = requests.get(Config.BASE_URL, timeout=10, verify=False)
+ r = requests.get(Config.BASE_URL, timeout=10, verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
print(chalk.white('[+] Server Header : ', bold=True) + chalk.yellow(r.headers['Server'], bold=True))
self.getURLBase(r.content)
self.getRootDoc(r.content)
- self.getVersion()
+ self.tryTelemetry()
+ self.checkVersion()
return True
except Exception as e:
print(chalk.red('[-] ' + Config.BASE_URL + ' seems not accessible', bold=True))
diff --git a/inc/Plugins.py b/inc/Plugins.py
index 724bcb0..6c5de1b 100644
--- a/inc/Plugins.py
+++ b/inc/Plugins.py
@@ -4,14 +4,14 @@
from inc import ImportPlugin
-import requests, chalk
+import requests, chalk, json
class PluginsCheck:
def getPlugin(self, plugin):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + plugin[0])
- r = requests.get(Config.BASE_URL + plugin[0], verify=False)
+ r = requests.get(Config.BASE_URL + plugin[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
if (r.status_code == 200):
print(chalk.white('\n[+] Plugin [', bold=True) + chalk.yellow(plugin[1], bold=True) + chalk.white('] found !', bold=True))
if plugin[3]:
@@ -22,7 +22,8 @@ def getPlugin(self, plugin):
def plugins(self):
+ plugins = Config.PLUGINS
print(chalk.green('\n[+] Performing Plugins check', bold=True))
print(chalk.green('============================', bold=True))
- for plugin in Config.PLUGINS:
+ for plugin in plugins:
self.getPlugin(plugin)
diff --git a/plugins/PluginAddressing.py b/plugins/PluginAddressing.py
new file mode 100644
index 0000000..3727b8c
--- /dev/null
+++ b/plugins/PluginAddressing.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginAddressing:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'addressing')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginAirwatchConnector.py b/plugins/PluginAirwatchConnector.py
index 0194d2d..51d4163 100644
--- a/plugins/PluginAirwatchConnector.py
+++ b/plugins/PluginAirwatchConnector.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginAirwatchConnector:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginAppliances.py b/plugins/PluginAppliances.py
new file mode 100644
index 0000000..524cfb5
--- /dev/null
+++ b/plugins/PluginAppliances.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginAppliances:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'appliances')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginAppsStructureInventory.py b/plugins/PluginAppsStructureInventory.py
index f2ea294..41fe86b 100644
--- a/plugins/PluginAppsStructureInventory.py
+++ b/plugins/PluginAppsStructureInventory.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginAppsStructureInventory:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginArchires.py b/plugins/PluginArchires.py
new file mode 100644
index 0000000..7514ae5
--- /dev/null
+++ b/plugins/PluginArchires.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginArchires:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'archires')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginBadgesInventory.py b/plugins/PluginBadgesInventory.py
index 5a1be37..4d8435e 100644
--- a/plugins/PluginBadgesInventory.py
+++ b/plugins/PluginBadgesInventory.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginBadgesInventory:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Badges plugin ') + len('Badges plugin '):]
version = version[:version.find('\\')]
diff --git a/plugins/PluginBarcode.py b/plugins/PluginBarcode.py
index ff76302..d3c1944 100644
--- a/plugins/PluginBarcode.py
+++ b/plugins/PluginBarcode.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginBarcode:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginBehaviors.py b/plugins/PluginBehaviors.py
new file mode 100644
index 0000000..cdaac5d
--- /dev/null
+++ b/plugins/PluginBehaviors.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginBehaviors:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'behaviors')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginBrowserNotification.py b/plugins/PluginBrowserNotification.py
index 00f560d..99e6445 100644
--- a/plugins/PluginBrowserNotification.py
+++ b/plugins/PluginBrowserNotification.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginBrowserNotification:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.rfind('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginCartography.py b/plugins/PluginCartography.py
index 536ff14..5f75885 100644
--- a/plugins/PluginCartography.py
+++ b/plugins/PluginCartography.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginCartography:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Positions plugin ') + len('Positions plugin '):]
version = version[:version.find('\\')]
diff --git a/plugins/PluginCleanArchivedEmails.py b/plugins/PluginCleanArchivedEmails.py
index f5f93bd..883a042 100644
--- a/plugins/PluginCleanArchivedEmails.py
+++ b/plugins/PluginCleanArchivedEmails.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginCleanArchivedEmails:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginConsumables.py b/plugins/PluginConsumables.py
new file mode 100644
index 0000000..0567178
--- /dev/null
+++ b/plugins/PluginConsumables.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginConsumables:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'consumables')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginCredit.py b/plugins/PluginCredit.py
index 8b3a328..35bab60 100644
--- a/plugins/PluginCredit.py
+++ b/plugins/PluginCredit.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginCredit:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginDashboard.py b/plugins/PluginDashboard.py
index 71a4e0e..cf83be8 100644
--- a/plugins/PluginDashboard.py
+++ b/plugins/PluginDashboard.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginDashboard:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Version ') + len('Version '):]
version = version[:version.find(':')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'dashboard')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginDataInjection.py b/plugins/PluginDataInjection.py
index 388a844..cf49aaf 100644
--- a/plugins/PluginDataInjection.py
+++ b/plugins/PluginDataInjection.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginDataInjection:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginDatabases.py b/plugins/PluginDatabases.py
new file mode 100644
index 0000000..c5f631e
--- /dev/null
+++ b/plugins/PluginDatabases.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginDatabases:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'databases')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginDataflowsInventory.py b/plugins/PluginDataflowsInventory.py
index c84bc33..d684ec8 100644
--- a/plugins/PluginDataflowsInventory.py
+++ b/plugins/PluginDataflowsInventory.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginDataflowsInventory:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginDiagrams.py b/plugins/PluginDiagrams.py
index 4c736ac..81e75a3 100644
--- a/plugins/PluginDiagrams.py
+++ b/plugins/PluginDiagrams.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginDiagrams:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginDomainsInventory.py b/plugins/PluginDomainsInventory.py
index da75a21..8ce48d0 100644
--- a/plugins/PluginDomainsInventory.py
+++ b/plugins/PluginDomainsInventory.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginDomainsInventory:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Domains plugin ') + len('Domains plugin '):]
version = version[:version.find('\\')]
diff --git a/plugins/PluginEscalade.py b/plugins/PluginEscalade.py
index 00c2d53..efce8d1 100644
--- a/plugins/PluginEscalade.py
+++ b/plugins/PluginEscalade.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginEscalade:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'escalade')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginFields.py b/plugins/PluginFields.py
index 8bb490d..8f2e76a 100644
--- a/plugins/PluginFields.py
+++ b/plugins/PluginFields.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginFields:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'fields')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginFormCreator.py b/plugins/PluginFormCreator.py
index be7d8df..3aed13c 100644
--- a/plugins/PluginFormCreator.py
+++ b/plugins/PluginFormCreator.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginFormCreator:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('"version": "') + len('"version": "'):]
version = version[:version.find('"')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'formcreator')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginFunctionalAreas.py b/plugins/PluginFunctionalAreas.py
index 4818aad..204e787 100644
--- a/plugins/PluginFunctionalAreas.py
+++ b/plugins/PluginFunctionalAreas.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginFunctionalAreas:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginFusionInventory.py b/plugins/PluginFusionInventory.py
index 140fac8..f1de43e 100644
--- a/plugins/PluginFusionInventory.py
+++ b/plugins/PluginFusionInventory.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginFusionInventory:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('FusionInventory ') + len('FusionInventory '):]
version = version[:version.find(' ')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'fusioninventory')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginGDrive.py b/plugins/PluginGDrive.py
new file mode 100644
index 0000000..dbc1102
--- /dev/null
+++ b/plugins/PluginGDrive.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginGDrive:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'gdrive')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
\ No newline at end of file
diff --git a/plugins/PluginGLPICheckingVersion.py b/plugins/PluginGLPICheckingVersion.py
index 526ecc7..7f6cc44 100644
--- a/plugins/PluginGLPICheckingVersion.py
+++ b/plugins/PluginGLPICheckingVersion.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginGLPICheckingVersion:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginGenericObjectsManagement.py b/plugins/PluginGenericObjectsManagement.py
index a38edfb..736757b 100644
--- a/plugins/PluginGenericObjectsManagement.py
+++ b/plugins/PluginGenericObjectsManagement.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginGenericObjectsManagement:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginHistoricalPurge.py b/plugins/PluginHistoricalPurge.py
index 72ff1fa..77d02a4 100644
--- a/plugins/PluginHistoricalPurge.py
+++ b/plugins/PluginHistoricalPurge.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginHistoricalPurge:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginImpacts.py b/plugins/PluginImpacts.py
index abe292c..72ca64e 100644
--- a/plugins/PluginImpacts.py
+++ b/plugins/PluginImpacts.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginImpacts:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginInventoryNumberGeneration.py b/plugins/PluginInventoryNumberGeneration.py
index 573f49a..bde3f56 100644
--- a/plugins/PluginInventoryNumberGeneration.py
+++ b/plugins/PluginInventoryNumberGeneration.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginInventoryNumberGeneration:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginItilCategoryGroups.py b/plugins/PluginItilCategoryGroups.py
index ba610c3..d853420 100644
--- a/plugins/PluginItilCategoryGroups.py
+++ b/plugins/PluginItilCategoryGroups.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginItilCategoryGroups:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginLaunchShellCommands.py b/plugins/PluginLaunchShellCommands.py
index 88a894b..7dfce38 100644
--- a/plugins/PluginLaunchShellCommands.py
+++ b/plugins/PluginLaunchShellCommands.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginLaunchShellCommands:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Shellcommands plugin ') + len('Shellcommands plugin '):]
version = version[:version.find('\\')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'shellcommands')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginMDTConnector.py b/plugins/PluginMDTConnector.py
index c52ae2b..e5825b1 100644
--- a/plugins/PluginMDTConnector.py
+++ b/plugins/PluginMDTConnector.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginMDTConnector:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginMailAnalyzer.py b/plugins/PluginMailAnalyzer.py
index c174d91..8a81d35 100644
--- a/plugins/PluginMailAnalyzer.py
+++ b/plugins/PluginMailAnalyzer.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginMailAnalyzer:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginMantis.py b/plugins/PluginMantis.py
index 690d05a..989cbaa 100644
--- a/plugins/PluginMantis.py
+++ b/plugins/PluginMantis.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginMantis:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginManufacturersImports.py b/plugins/PluginManufacturersImports.py
new file mode 100644
index 0000000..78857be
--- /dev/null
+++ b/plugins/PluginManufacturersImports.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginManufacturersImports:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'manufacturersimports')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginMask.py b/plugins/PluginMask.py
index 6f94ae0..ccb88e4 100644
--- a/plugins/PluginMask.py
+++ b/plugins/PluginMask.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginMask:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.rfind('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginMetabase.py b/plugins/PluginMetabase.py
index 3a86a20..9800095 100644
--- a/plugins/PluginMetabase.py
+++ b/plugins/PluginMetabase.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class pluginDiagrams:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginMoreReporting.py b/plugins/PluginMoreReporting.py
index 5c4e165..360da74 100644
--- a/plugins/PluginMoreReporting.py
+++ b/plugins/PluginMoreReporting.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginMoreReporting:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginMoreSatisfaction.py b/plugins/PluginMoreSatisfaction.py
new file mode 100644
index 0000000..f8e5d9f
--- /dev/null
+++ b/plugins/PluginMoreSatisfaction.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginMoreSatisfaction:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'satisfaction')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
\ No newline at end of file
diff --git a/plugins/PluginMoreTicket.py b/plugins/PluginMoreTicket.py
new file mode 100644
index 0000000..3092175
--- /dev/null
+++ b/plugins/PluginMoreTicket.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginMoreTicket:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'moreticket')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginMyDashboard.py b/plugins/PluginMyDashboard.py
index 0ad0c5a..e992b91 100644
--- a/plugins/PluginMyDashboard.py
+++ b/plugins/PluginMyDashboard.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginMyDashboard:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Project-Id-Version: GLPI - MyDashboard plugin ') + len('Project-Id-Version: GLPI - MyDashboard plugin '):]
version = version[:version.find('\\')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'mydashboard')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginNetworkEquipmentBackup.py b/plugins/PluginNetworkEquipmentBackup.py
index 51d14fd..82e86c6 100644
--- a/plugins/PluginNetworkEquipmentBackup.py
+++ b/plugins/PluginNetworkEquipmentBackup.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginNetworkEquipmentBackup:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.rfind('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginNews.py b/plugins/PluginNews.py
index df172fe..a1aec69 100644
--- a/plugins/PluginNews.py
+++ b/plugins/PluginNews.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginNews:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'news')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginOCSInventoryng.py b/plugins/PluginOCSInventoryng.py
new file mode 100644
index 0000000..16e8678
--- /dev/null
+++ b/plugins/PluginOCSInventoryng.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginOCSInventoryng:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'ocsinventoryng')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginOfficeOnline.py b/plugins/PluginOfficeOnline.py
new file mode 100644
index 0000000..8b8feb2
--- /dev/null
+++ b/plugins/PluginOfficeOnline.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginOfficeOnline:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'officeonline')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
\ No newline at end of file
diff --git a/plugins/PluginOpenVAS.py b/plugins/PluginOpenVAS.py
index a6435a2..c362146 100644
--- a/plugins/PluginOpenVAS.py
+++ b/plugins/PluginOpenVAS.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginOpenVAS:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginOrderManagement.py b/plugins/PluginOrderManagement.py
index ca6a5e2..3a9b58c 100644
--- a/plugins/PluginOrderManagement.py
+++ b/plugins/PluginOrderManagement.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginOrderManagement:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginOrderService.py b/plugins/PluginOrderService.py
index 3a86a20..9800095 100644
--- a/plugins/PluginOrderService.py
+++ b/plugins/PluginOrderService.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class pluginDiagrams:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginPrinterCounters.py b/plugins/PluginPrinterCounters.py
new file mode 100644
index 0000000..92e2874
--- /dev/null
+++ b/plugins/PluginPrinterCounters.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginPrinterCounters:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'printercounters')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
\ No newline at end of file
diff --git a/plugins/PluginProcessmaker.py b/plugins/PluginProcessmaker.py
index 8f082aa..e182905 100644
--- a/plugins/PluginProcessmaker.py
+++ b/plugins/PluginProcessmaker.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginProcessmaker:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.rfind('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginRacks.py b/plugins/PluginRacks.py
index 56c87ab..553df24 100644
--- a/plugins/PluginRacks.py
+++ b/plugins/PluginRacks.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginRacks:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Racks plugin ') + len('Racks plugin '):]
version = version[:version.find('\\')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'racks')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginReports.py b/plugins/PluginReports.py
new file mode 100644
index 0000000..6b0f7d9
--- /dev/null
+++ b/plugins/PluginReports.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginReports:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'reports')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginReservation.py b/plugins/PluginReservation.py
new file mode 100644
index 0000000..063895e
--- /dev/null
+++ b/plugins/PluginReservation.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginReservation:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'reservation')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginRoom.py b/plugins/PluginRoom.py
index 82defb5..f331b76 100644
--- a/plugins/PluginRoom.py
+++ b/plugins/PluginRoom.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginRoom:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.rfind('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginSCCM.py b/plugins/PluginSCCM.py
index b87e031..830ba2f 100644
--- a/plugins/PluginSCCM.py
+++ b/plugins/PluginSCCM.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginSCCM:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginSeasonality.py b/plugins/PluginSeasonality.py
new file mode 100644
index 0000000..ce91179
--- /dev/null
+++ b/plugins/PluginSeasonality.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginSeasonality:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'seasonality')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
\ No newline at end of file
diff --git a/plugins/PluginStatecheck.py b/plugins/PluginStatecheck.py
index ffe6c1f..a742958 100644
--- a/plugins/PluginStatecheck.py
+++ b/plugins/PluginStatecheck.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginStatecheck:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginSurveyTicket.py b/plugins/PluginSurveyTicket.py
new file mode 100644
index 0000000..b7d61c9
--- /dev/null
+++ b/plugins/PluginSurveyTicket.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginSurveyTicket:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'surveyticket')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginTag.py b/plugins/PluginTag.py
index d26f125..b154938 100644
--- a/plugins/PluginTag.py
+++ b/plugins/PluginTag.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginTag:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginTaskDrop.py b/plugins/PluginTaskDrop.py
new file mode 100644
index 0000000..2091a25
--- /dev/null
+++ b/plugins/PluginTaskDrop.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginTaskDrop:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'taskdrop')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
\ No newline at end of file
diff --git a/plugins/PluginTasksList.py b/plugins/PluginTasksList.py
index f2c808d..c792c10 100644
--- a/plugins/PluginTasksList.py
+++ b/plugins/PluginTasksList.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginTasksList:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Tasklists plugin ') + len('Tasklists plugin '):]
version = version[:version.find('\\')]
diff --git a/plugins/PluginTelegramBot.py b/plugins/PluginTelegramBot.py
index d4a8007..0fa726a 100644
--- a/plugins/PluginTelegramBot.py
+++ b/plugins/PluginTelegramBot.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginTelegramBot:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginTimelineticket.py b/plugins/PluginTimelineticket.py
index 2f21de0..e028f17 100644
--- a/plugins/PluginTimelineticket.py
+++ b/plugins/PluginTimelineticket.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginTimelineticket:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Project-Id-Version: GLPI - Timelineticket plugin ') + len('Project-Id-Version: GLPI - Timelineticket plugin '):]
version = version[:version.find('\\')]
@@ -17,5 +17,7 @@ def getVersion(self, info):
return version
def initPlugin(self, info):
- version = self.getVersion(info)
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'timelineticket')
+ if not version:
+ version = self.getVersion(info)
Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginTimezones.py b/plugins/PluginTimezones.py
index 5054dfb..3fcb334 100644
--- a/plugins/PluginTimezones.py
+++ b/plugins/PluginTimezones.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginTimezones:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginTypology.py b/plugins/PluginTypology.py
index e1cfe54..249c1c1 100644
--- a/plugins/PluginTypology.py
+++ b/plugins/PluginTypology.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginTypology:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0], verify=False)
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('Typology plugin ') + len('Typology plugin '):]
version = version[:version.find('\\')]
diff --git a/plugins/PluginUninstall.py b/plugins/PluginUninstall.py
index 89965f1..713d664 100644
--- a/plugins/PluginUninstall.py
+++ b/plugins/PluginUninstall.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginUninstall:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginUsedItemsExport.py b/plugins/PluginUsedItemsExport.py
index 666b937..b51f748 100644
--- a/plugins/PluginUsedItemsExport.py
+++ b/plugins/PluginUsedItemsExport.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginUsedItemsExport:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/plugins/PluginWebApplications.py b/plugins/PluginWebApplications.py
new file mode 100644
index 0000000..dc3d39c
--- /dev/null
+++ b/plugins/PluginWebApplications.py
@@ -0,0 +1,12 @@
+#!/usr/bin/python
+
+from inc import Config, Exploits, AjaxTelemetry
+
+import requests, chalk
+
+class PluginWebApplications:
+
+ def initPlugin(self, info):
+ version = AjaxTelemetry.AjaxTelemetry().getPluginVersion(info, 'webapplications')
+ if version:
+ Exploits.ExploitsCheck().verifExploit(info[1], version)
diff --git a/plugins/PluginXivo.py b/plugins/PluginXivo.py
index 29b93d6..5a3542b 100644
--- a/plugins/PluginXivo.py
+++ b/plugins/PluginXivo.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
-from inc import Config, Exploits
+from inc import Config, Exploits, AjaxTelemetry
import requests, chalk
@@ -9,7 +9,7 @@ class PluginXivo:
def getVersion(self, info):
if Config.DEBUG:
print("[DEBUG] GET : " + Config.BASE_URL + info[0])
- r = requests.get(Config.BASE_URL + info[0])
+ r = requests.get(Config.BASE_URL + info[0], verify=False, proxies=Config.PROXY, headers=Config.HEADERS)
content = r.content
version = content[content.find('') + len(''):]
version = version[:version.find('<')]
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..d947183
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,4 @@
+pychalk>=2.0.1
+requests>=2.18.4
+urllib3>=1.22
+packaging>=19.0
\ No newline at end of file