Search by 
gared / ether-scan
A simple scanner for Etherpad instances
v3.0.0
2024-04-06 16:09 UTC
Requires
- php: >=8.1
- ext-json: *
- elephantio/elephant.io: 4.3.*
- guzzlehttp/guzzle: ^7.8
- symfony/console: ^6.4
Requires (Dev)
- phpstan/phpstan: ^1.10
This package is auto-updated.
Last update: 2024-04-29 15:24:30 UTC
README
Use this tool to scan your etherpad instance to get some insights and test if there is any misconfiguration.
What is this tool doing?
- Check the "Server" header to see if the revision of etherpad is returned
- Check the API version (pad.example.com/api)
- Check the etherpad version
- Check if the pads are publicly accessible
- Check if the server is healthy (pad.example.com/health)
- Check if the admin area is accessible with default credentials (pad.example.com/admin)
- Check if any (frontend) plugins are installed
- Check if the server is running since a long time (pad.example.com/stats)
Try it out
You can try this tool out on the https://scanner.etherpad.org which is using this library.
Requirements
You need PHP 8.1 or higher to run this tool.
Usage
Clone
Clone this repository and install dependencies
composer install
Next run this command to scan your instance
bin/console.php ether:scan http://localhost:9001
Starting scan of api... ======================= [INFO] No revision in server header [INFO] api version: 1.3.0 Starting scan of a pad... ========================= [INFO] Package version: 1.9.7 [OK] Pads are publicly accessible [OK] Server is healthy [INFO] Version is 1.9.7 [INFO] Server running since: 2024-03-08T21:38:56+00:00 Starting scan of admin area... ============================== [OK] Admin area is not accessible with admin / admin [OK] Admin area is not accessible with admin / changeme1 [OK] Admin area is not accessible with user / changeme1 Starting scan of plugins... =========================== [INFO] No plugins found
Composer
You can also install this tool with composer
composer require gared/ether-scan