# OpenVAS Vulnerability Test
# $Id$
# Description: This script ensure that the FileMaker database server is
installed
#
# Author:
# Christian Eric Edjenguele <[EMAIL PROTECTED]>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 and later,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
if(description)
{
script_id(00000);
name["english"] = "FileMaker service detection";
script_name(english:name["english"]);
desc["english"] = "
The remote host is running the Filemaker database server.
Solution :
You should Allow connection to this host only from trusted host or networks,
or disable the service if not used.
Risk factor : None";
script_description(english:desc["english"]);
summary["english"] = "FileMaker Pro is a cross-platform relational database
application from FileMaker Inc. (a subsidiary of Apple Inc.), has compatible
versions for both the Mac OS X and Microsoft Windows operating systems ";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is under GPL v2 +");
family["english"] = "Service detection";
script_family(english:family["english"]);
exit(0);
}
# default port for Filemaker
port = 5003
filemaker_auth_packet =
'\x47\x49\x4f\x50\x01\x02\x01\x00\x14\x01\x00\x00\x04\x00\x00\x00';
filemaker_auth_packet +=
'\x03\x00\x00\x00\x00\x00\x00\x00\x17\x00\x00\x00\xff\x6f\x6d\x6e';
filemaker_auth_packet +=
'\x69\x49\x4e\x53\x50\x4f\x41\xff\x46\x4d\x50\x4f\x41\x00\x46\x4d';
filemaker_auth_packet +=
'\x52\x50\x4f\x00\x08\x00\x00\x00\x43\x6f\x6e\x6e\x65\x63\x74\x00';
filemaker_auth_packet +=
'\x00\x00\x00\x00\x05\x00\x00\x00\x0c\x00\x00\x00\x49\x44\x4c\x3a';
filemaker_auth_packet +=
'\x52\x50\x4f\x3a\x31\x2e\x30\x00\x01\x00\x00\x00\x00\x00\x00\x00';
filemaker_auth_packet +=
'\x6c\x00\x00\x00\x01\x01\x02\x00\x0b\x00\x00\x00\x31\x30\x2e\x34';
filemaker_auth_packet +=
'\x2e\x31\x31\x2e\x39\x34\x00\x00\x8b\x13\x00\x00\x17\x00\x00\x00';
filemaker_auth_packet +=
'\xff\x6f\x6d\x6e\x69\x49\x4e\x53\x50\x4f\x41\xff\x46\x4d\x50\x4f';
filemaker_auth_packet +=
'\x41\x00\x46\x4d\x52\x50\x4f\x00\x02\x00\x00\x00\x00\x00\x00\x00';
filemaker_auth_packet +=
'\x08\x00\x00\x00\x01\x00\x00\x00\x00\x54\x54\x41\x01\x00\x00\x00';
filemaker_auth_packet +=
'\x1c\x00\x00\x00\x01\x00\x00\x00\x01\x00\x01\x00\x01\x00\x00\x00';
filemaker_auth_packet +=
'\x01\x00\x01\x05\x09\x01\x01\x00\x01\x00\x00\x00\x09\x01\x01\x00';
filemaker_auth_packet +=
'\x4c\x00\x00\x00\x01\x01\x08\x2d\x22\x2a\x3f\x34\x29\x2a\x68\x23';
filemaker_auth_packet +=
'\x69\x62\x0c\x6e\x6f\x0e\x17\x17\x63\x14\x14\x0e\x62\x6c\x6e\x63';
filemaker_auth_packet +=
'\x0c\x6d\x63\x6f\x69\x6f\x6d\x68\x0e\x10\x17\x0c\x17\x68\x02\x14';
filemaker_auth_packet +=
'\x11\x0e\x0e\x09\x0a\x28\x35\x7a\x62\x74\x6a\x2c\x6b\x11\x6a\x6a';
filemaker_auth_packet +=
'\x60\x6a\x39\x60\x68\x63\x60\x6f\x69\x60\x39\x6e\x60\x6c\x3b\x15';
# declare that Filemaker is not installed yet
is_filemaker = 0;
if(get_port_state(port))
{
soc = open_sock_tcp(port);
if(soc)
{
send(socket:soc, data: filemaker_auth_packet);
reply = recv(socket:soc, length:136);
# Check that Filemaker is not tcpwrapped. And that it's really Filemaker
if(stridx(reply, "GIOP", 0)) is_filemaker = 1;
}
close(soc);
}
#
# Report Filemaker installed
#
if(is_filemaker == 1)
{
report = "This host seems to running the Filemaker database server";
security_note(port:port, data:report);
}
===
Christian Eric Edjenguele
IT Security Software Developer & Researcher
tel. +39 3408580513
View my linkedin profile: http://www.linkedin.com/in/edjenguele
My blog: http://www.edjenguele.blogspot.com
---
Management, Developers, Security Professionals – can only result in one thing……
better security.
http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Sept 22nd-25th
2008
__________________________________________________
Do You Yahoo!?
Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto
spazio gratuito per i tuoi file e i messaggi
http://mail.yahoo.it
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
