The current osticket_detect.nasl script does not detect the latest
versions 1.3.0 and 1.3.1 of the osTicket product. (It detects up to
1.2.7 only.)
This is because it searches for a pattern 'alt="osTicket"' in the
file open.php to make sure the page is from osTicket. (Line 72).
But that pattern does not exist in the latest versions. They have
changed it from alt="osTicket" to alt= "Main".
Changing the search pattern from 'alt="osTicket"' to
'alt="osTicket.*"' will match the string 'alt="osTicket STS v1.2
Copyright (c) 2003 osTicket.com"' at the bottom of the page.
Here I am attaching a patch which will support detection of versions
1.3.0 and 1.3.1.
Any comments are welcome.
Kind Regards,
Jayesh KS
===========================
73c73
< if (egrep(pattern:'alt="osTicket"', string:res, icase:TRUE)) {
---
> if (egrep(pattern:'alt="osTicket.*', string:res, icase:TRUE)) {
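Review bot: the new pattern on line 73 ends in `.*` with no closing quote, and since egrep matches unanchored, `alt="osTicket.*` accepts exactly the same lines as the bare prefix `alt="osTicket`. It also differs from the `alt="osTicket.*"` pattern given in the message. If the intent is to match the footer's full alt text, something like `alt="osTicket[^"]*"` keeps the match inside one attribute value.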
86c86
<
---
> #Added support for versions 1.3.0 and 1.3.1
96a97,105
> if (egrep(pattern:"osTicket: Customer Support System", string:res)) {
> req = http_get(item:string(dir, "/include/main.php?",
> "config[search_disp]=true&include_dir=",
> "../automail.pl/"),port:port );
> res = http_keepalive_send_recv(port:port, data:req, bodyonly:TRUE);
> if ('Invalid path' >< res ) ver = "1.3.1";
> else ver="1.3.0";
> }
>
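Review bot: in the block added at 97-105, `ver` falls through to "1.3.0" whenever 'Invalid path' is absent from `res`, which includes a failed request where http_keepalive_send_recv returns NULL and any unrelated error page. Check `res` for NULL first and assign "1.3.0" only on a positive marker for that version, leaving the version unknown otherwise. The block also overwrites `res` with the probe response, so any later check that reads `res` no longer sees the original page; a separate variable avoids that. A comment saying why the include_dir request distinguishes the two versions would help the next maintainer.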
98c107
< if (egrep(pattern:"You do not have access to attachments",
string:res)) {
---
> else if (egrep(pattern:"You do not have access to attachments", string:res)) {
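Review bot: the removed line at 98 is split across two lines and the continuation `string:res)) {` carries no `<` marker, so this hunk is malformed and patch will not apply it. Resend the diff as an attachment or with line wrapping disabled.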
104a114
>
107c117
<
---
>
================