Pyfiscan is a free web-application vulnerability and version scanner that locates out-dated versions of common web applications on Linux servers. An example use case is a hosting provider keeping an eye on its users' installations to make sure security updates are applied. Fingerprints are easy to create and modify, because the user writes them in YAML syntax. Pyfiscan also contains a tool to create email alerts using templates.
Requirements
- Python 2.7
- Python modules PyYAML and docopt
- GNU/Linux web server
Detects the following software
- ATutor
- b2evolution
- BigTree CMS
- Bugzilla
- Centreon
- Claroline
- ClipperCMS
- CMSimple
- CMSMS
- Collabtive
- Concrete5
- Coppermine
- Cotonti
- Croogo
- CubeCart
- Dolibarr
- Dotclear
- Drupal
- e107
- EspoCRM
- Etherpad
- FluxBB
- Foswiki
- Gallery
- Gollum
- HelpDEZk
- HumHub
- ImpressCMS
- ImpressPages
- Jamroom
- Joomla
- Kanboard
- KCFinder
- LiteCart
- Magnolia
- Mahara
- MantisBT
- MediaWiki
- Microweber
- MiniBB
- MODX Revolution
- MoinMoin
- MyBB
- Nibbleblog
- Open Source Social Network
- OpenCart
- osDate
- ownCloud
- Oxwall
- PBBoard
- phpBB3
- PhpGedView
- phpMyAdmin
- Piwigo
- Piwik
- PmWiki
- Postfix Admin
- Redaxo
- Roundcube
- SaurusCMS
- Serendipity
- Shaarli
- SMF
- Spina CMS
- SPIP
- SquirrelMail
- TestLink
- TikiWiki
- Trac
- WikkaWiki
- WordPress
- X-Cart
- Zenphoto
- Zikula
Detects the following end-of-life software:
- Bugzilla 4.2 is end-of-life since 2015-11-30
- Drupal 6 is end-of-life since 2016-02-24
- Gallery 1
- Joomla 1.5 is end-of-life since 2012-04-30
- Joomla 1.6 is end-of-life since 2011-08-19. 1.6.x should be upgraded to 1.6.6 before moving to 1.7.x
- Joomla 1.7 is end-of-life since 2012-02-24
- Joomla 2.5
- MediaWiki 1.18
- MediaWiki 1.19 is end-of-life since 2015-04-25
- MediaWiki 1.20
- MediaWiki 1.21 is end-of-life since 2014-06-25
- MediaWiki 1.22
- MediaWiki 1.23 is end-of-life since 2017-05-31
- MediaWiki 1.24
- MediaWiki 1.25
- MediaWiki 1.26 is end-of-life since 2016-11-20
- MediaWiki 1.28 is end-of-life since 2017-11-01
- ownCloud 4
- ownCloud 5
- ownCloud 6
- ownCloud 7
- ownCloud 8.0
- ownCloud 8.1
- ownCloud 8.2
- SaurusCMS
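As an added example (not pyfiscan's own code, and written for Python 3 rather than the Python 2.7 the tool requires), the following maps a detected version string to an end-of-life branch from the list above. The branch table is transcribed from that list; branches listed without a date carry None. The version parser and the longest-prefix matching rule are this example's own assumptions about how such a check can be done, not pyfiscan's implementation.

```python
"""Added example: match a version string against the README's end-of-life
branches (Python 3; not part of pyfiscan)."""
import re
from datetime import date

# Branch -> end-of-life date, transcribed from the README list above.
# None means the README lists the branch as end-of-life without a date.
EOL_BRANCHES = {
    "Bugzilla": {"4.2": date(2015, 11, 30)},
    "Drupal": {"6": date(2016, 2, 24)},
    "Gallery": {"1": None},
    "Joomla": {"1.5": date(2012, 4, 30), "1.6": date(2011, 8, 19),
               "1.7": date(2012, 2, 24), "2.5": None},
    "MediaWiki": {"1.18": None, "1.19": date(2015, 4, 25), "1.20": None,
                  "1.21": date(2014, 6, 25), "1.22": None,
                  "1.23": date(2017, 5, 31), "1.24": None, "1.25": None,
                  "1.26": date(2016, 11, 20), "1.28": date(2017, 11, 1)},
    "ownCloud": {"4": None, "5": None, "6": None, "7": None,
                 "8.0": None, "8.1": None, "8.2": None},
}


def parse_version(version):
    """Turn '1.19.3-wmf' into (1, 19, 3); parsing stops at the first token
    that does not start with digits, so suffixes like 'beta' are dropped."""
    parts = []
    for token in re.split(r"[.\-_]", version.strip()):
        m = re.match(r"\d+", token)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def matching_branch(version, branches):
    """Return the most specific branch that is a numeric prefix of version.

    '8.1.5' matches '8.1' but not '8.0'; '8' alone matches no 8.x branch
    because the branch is more specific than the version (assumption)."""
    v = parse_version(version)
    candidates = [b for b in branches
                  if v[:len(parse_version(b))] == parse_version(b)]
    if not candidates:
        return None
    return max(candidates, key=lambda b: len(parse_version(b)))


def eol_status(software, version):
    """Return (branch, eol_date_or_None) when version falls in an end-of-life
    branch of software, otherwise None."""
    branches = EOL_BRANCHES.get(software)
    if not branches:
        return None
    branch = matching_branch(version, branches)
    if branch is None:
        return None
    return branch, branches[branch]


if __name__ == "__main__":
    for software, version in [("ownCloud", "8.1.5"), ("ownCloud", "9.0.1"),
                              ("MediaWiki", "1.19.3"), ("Joomla", "2.5.28")]:
        print(software, version, "->", eol_status(software, version))
```

Because the match is on numeric prefix only, a fingerprint that yields a partial version such as "8" cannot be placed in the 8.0/8.1/8.2 ownCloud branches and is reported as not end-of-life; a scanner that wants to be conservative should treat such incomplete versions as unknown rather than as current.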
Installation
apt-get install python python-pip libpython2.7-dev libyaml-dev git
git clone https://github.com/fgeek/pyfiscan.git && cd pyfiscan
pip2 install -r requirements.lst
or you can use BlackArch Linux.
Notes
- WordPress
  - Announcing a secure SWFUpload fork
- Joomla
  - Upgrade should be done using "Extension manager -> Upgrade" in version 1.6.6 and later
  - Release and support cycle
  - Setup Security checklist
  - Upgrading and migrating Joomla
  - Joomla 2.x creates a random SQL table prefix
  - Joomla 3.x warns the user and shows a button to remove the installation directory
  - Creates ./configuration.php during installation
  - Creates robots.txt, which contains the word "Joomla"
- SMF
  - End of life of SMF 1.0
  - Installer shows the user a button to delete install.php
- TikiWiki
- MediaWiki
- Gallery
  - Not installed when config.php is missing.
  - http://codex.galleryproject.org/Gallery2:Security
  - Upgrade using http://example.org/gallery3/index.php/upgrade or by running: php index.php upgrade
- phpBB (version unknown)
  - An open installation is not a vulnerability, since the web interface requires the user to authenticate by inserting random data into a file.
- Coppermine
  - Not installed when include/config.inc.php is missing.
- ownCloud
  - status.php outputs: {"installed":"true","version":"5.0.6","versionstring":"5.0.5","edition":""}
- Piwigo
  - Not installed if local/config/database.inc.php is missing.
- Claroline
  - Not installed when platform/conf/claro_main.conf.php is missing.
  - Installation pages request the user to remove the claroline/install/ directory.
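The notes above give two kinds of detection rule: an application counts as installed only when a particular configuration file exists, and ownCloud reports its state through the JSON printed by status.php. As an added example (not pyfiscan's own code; Python 3), the following implements both: a walk over a document root that reports installations by marker file, and a parser for the status.php output. The marker table is transcribed from the notes, the directory tree is constructed sample data, and the choice to prefer "versionstring" over "version" is this example's assumption.

```python
"""Added example, not part of pyfiscan: find installed web applications by
their marker files and read the ownCloud version from status.php output."""
import json
import os
import tempfile

# Marker file whose absence means "not installed", transcribed from the notes.
# Joomla's configuration.php is included because the notes say the installer
# creates it; a file name alone is a weak fingerprint, so a real scanner would
# also check the file's contents before trusting the match.
MARKER_FILES = {
    "Gallery": "config.php",
    "Coppermine": "include/config.inc.php",
    "Piwigo": "local/config/database.inc.php",
    "Claroline": "platform/conf/claro_main.conf.php",
    "Joomla": "configuration.php",
}

# Sample status.php output copied from the notes above.
OWNCLOUD_STATUS_SAMPLE = (
    '{"installed":"true","version":"5.0.6","versionstring":"5.0.5","edition":""}'
)


def parse_owncloud_status(text):
    """Return the user-facing version from ownCloud's status.php JSON, or None
    when the text is not a JSON object or reports the instance as not installed.
    Caveat: in the sample "installed" is the string "true", not a boolean, so
    the check normalises both forms through str()."""
    try:
        data = json.loads(text)
    except ValueError:
        return None
    if not isinstance(data, dict):
        return None
    if str(data.get("installed")).lower() != "true":
        return None
    # "versionstring" is what the UI shows; "version" is the internal number
    # (which one to prefer is an assumption of this example).
    return data.get("versionstring") or data.get("version") or None


def scan_document_root(root):
    """Walk root and return sorted (software, install dir relative to root)
    pairs for every directory that contains one of the marker files."""
    found = []
    for dirpath, _dirnames, _filenames in os.walk(root):
        for software, marker in MARKER_FILES.items():
            if os.path.isfile(os.path.join(dirpath, marker)):
                found.append((software, os.path.relpath(dirpath, root)))
    return sorted(found)


def build_sample_root():
    """Create a throwaway tree (constructed sample data): an installed Gallery,
    an installed Coppermine, and a Piwigo whose database config is missing and
    must therefore be reported as not installed."""
    root = tempfile.mkdtemp(prefix="pyfiscan-example-")
    files = [
        "gallery3/config.php",
        "gallery3/index.php",
        "photos/include/config.inc.php",
        "piwigo/index.php",           # no local/config/database.inc.php
        "piwigo/local/config/.keep",  # directory exists, marker file does not
    ]
    for rel in files:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("<?php // constructed placeholder\n")
    return root


if __name__ == "__main__":
    sample_root = build_sample_root()
    for software, where in scan_document_root(sample_root):
        print("%s installed in %s" % (software, where))
    print("ownCloud version from status.php:",
          parse_owncloud_status(OWNCLOUD_STATUS_SAMPLE))
```

The Piwigo directory in the sample shows why the rule is "marker file missing means not installed" rather than "application directory present means installed": a half-finished or abandoned install has no database configuration and cannot be assigned a meaningful version, so reporting it as installed would only produce false alerts.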