p0deje's sec & qa blog

While pentesting one project, I've faced PunBB v1.3 forum running there. As long as it would take a bit of time to check for installed extensions (even though there are not so much for it), I've written a pretty simple Python script to enumerate them. Maybe I It gets the list of available extensions from PunBB site and searches for them at provided website. Its code is really dirty, but I needed quick solution. Maybe it will be useful for someone. Or maybe I just failed googling for a one. Anyway, here it is. Usage (note no trailing slash):

$ python3 scanner.py http://www.example.com/forum

#!/usr/bin/python3

import urllib.request, re, sys

host = sys.argv[1]

try:
  l = urllib.request.urlopen('http://punbb.informer.com/svn/additions/punbb-1.3/extensions/')
except urllib.error.HTTPError:
  print('Cannot enumerate available extensions from http://punbb.informer.com/')
  exit()

e = l.read().decode()
e = re.sub('&lt;.*?&gt;', '', e)
e = re.findall('(pun_.*/)', e)

for i in e:
  try:
    urllib.request.urlopen(host + '/extensions/' + i)
    print('YES - ' + i)
  except urllib.error.HTTPError:
    print('NO  - ' + i)

p0deje's sec & qa blog

10/02/2010

PunBB v1.3 Extension Scanner

0 comments:

Post a Comment

Categories

Labels

Blog Archive

Hire me