1##
2# This file is part of WhatWeb and may be subject to
3# redistribution and commercial restrictions. Please see the WhatWeb
4# web site for more information on licensing and terms of use.
5# http://www.morningstarsecurity.com/research/whatweb
6##
7Plugin.define "X-Cache" do
8author "Brendan Coles <bcoles@gmail.com>" # 2011-01-30
9version "0.1"
10description "This plugin identifies the X-Cache HTTP header and extracts the value."
11
12# ShodanHQ results as at 2011-01-30 #
13#  3,883 for x-cache-Lookup -squid
14# 59,766 for x-cache
15# 95,263 for x-cache-Lookup
16
17
18
19# Passive #
20def passive
21	m=[]
22
23	# X-Cache
24	if @headers["x-cache"] =~ /(MISS|HIT|NONE) from ([^\r^\n]{1,128})/
25#		@headers["x-cache"].each do |x_cache|
26		m << { :string=>@headers["x-cache"].to_s.scan(/ from ([^\r^\n]{1,128})/).flatten }
27#		end
28	end
29
30	# X-Cache-Lookup
31	if @headers["x-cache-lookup"] =~ /(MISS|HIT|NONE) from ([^\r^\n]{1,128})/
32#		@headers["x-cache-lookup"].each do |x_cache|
33		m << { :string=>@headers["x-cache-lookup"].scan(/ from ([^\r^\n]{1,128})/).flatten }
34#		end
35	end
36
37	# Return passive matches
38	m
39
40end
41
42end
43
44