1## 2# This file is part of WhatWeb and may be subject to 3# redistribution and commercial restrictions. Please see the WhatWeb 4# web site for more information on licensing and terms of use. 5# http://www.morningstarsecurity.com/research/whatweb 6## 7Plugin.define "phpRemoteView" do 8author "Brendan Coles <bcoles@gmail.com>" # 2011-05-24 9version "0.1" 10description "phpRemoteView - web backdoor - allows users to browse the filesystem, edit files on the server, execute PHP code, or Shell commands, etc. Works on Windows and Unix servers" 11website "http://php.spb.ru/remview/" 12 13# Google results as at 2011-05-24 # 14# 72 for intitle:"phpRemoteView: " +perms 15 16# Dorks # 17dorks [ 18'intitle:"phpRemoteView: " "perms"' 19] 20 21 22 23# Matches # 24matches [ 25 26# Filepath Detection 27{ :certainty=>75, :filepath=>/<title>phpRemoteView: ([^<]+)<\/title>/ }, 28 29# Version Detection 30{ :version=>/<font size=1 style='Font: 8pt Verdana'>phpRemoteView © Dmitry Borodin \(version ([\d]{4}-[\d]{2}-[\d]{2})\)<br>/ }, 31 32# Index of HTML 33{ :certainty=>75, :text=>"'><font face=fixedsys size=+2>*</font></a><font size=5><b>Index of</b></font>" }, 34 35] 36 37end 38 39