#VERSION,1.03
# $Id$
###############################################################################
#  Copyright (C) 2004 CIRT, Inc.
#
#  This program is free software; you can redistribute it and/or
#  modify it under the terms of the GNU General Public License
#  as published by the Free Software Foundation; version 2
#  of the License only.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
###############################################################################
# PURPOSE:
# Look for multiple unique index files
###############################################################################
sub nikto_multiple_index_init
{
   my $id =
   {
      name         => "mutiple_index",
      full_name    => "Multiple Index",
      author       => "deity",
      description  => "Checks for multiple index files",
      scan_method  => \&nikto_multiple_index,
      copyright    => "2009 CIRT Inc"
   };

   return $id;
}

sub nikto_multiple_index
{
   my ($mark) = @_;
   my $dbarray = init_db("db_multiple_index");
   my ($found, $hashes);
   foreach my $item (@$dbarray) {
      	# Use nfetch to minimise extra code
      	# First we need to mangle the host.
      	my ($res, $content) = nfetch($mark, "/$item->{'index'}", "GET", "", "", "", "multiple_index");

      	if (($res == 200) || ($res == 404)) {
       		$content=rm_active_content($result{'whisker'}->{'data'}, "/$item->{'index'}");
       		my $hash=LW2::md4($content);
		$found{$item->{'index'}}=$hash;
		$hashes{$hash}++;
      	}

   } # End foreach

   if (keys(%found) > 1)
   {
	# make sure we have unique pages
	$total_unique=0;
	foreach my $hash (keys %hashes) {
		if ($hashes{$hash} eq 1) {
			$total_unique++;
		}
	}

	# one unique hash... bogus responses
	if ($total_unique <= 1) { 
		return; 
	}

	my $tempstring;
	foreach my $f (keys %found) { $tempstring .= "$f, "; }
	$tempstring =~ s/,$//;

	# some unique... report slightly differently
	if ($total_unique < keys(%found)) {
      		add_vulnerability($mark,"Multiple index files found (note, these may not all be unique): $tempstring", 740000, 0);
	}

	# all unique... report
	if ($total_unique eq keys(%found)) {
      		add_vulnerability($mark,"Multiple index files found: $tempstring", 740000, 0);
	}
   }
}

1;