Nmap Development mailing list archives
Re: favicon survey script
From: Vlatko Kosturjak <kost () linux hr>
Date: Thu, 06 Aug 2009 00:45:16 +0200
Vlatko Kosturjak wrote:
I have also made new version of the nse script (for distributing with nmap, not for crawling) which is quite better than the old one (uses data files for example - instead of having that directly in the script). Will send to the list in the short time.
As promised. Here it is. Changes since last post of this script to this mailing list: - Implemented David's comments (hash & HAVE_SSL) - Implemented datafile instead of having data(MD5s) in script - Implemented script argument for URI, so you can specify URI where favicon.ico is located (in case you want test for /specific/place/): --script-args favicon={uri=/somewhere/favicon.ico} If there's anything else to implement, let me know! Kost
09b565a51e14b721a323f0ba44b2982a:Google web server 506190fc55ceaa132f1bc305ed8472ca:SocialText 2cc15cfae55e2bb2d85b57e5b5bc3371:PHPwiki 389a8816c5b87685de7d8d5fec96c85b:XOOPS cms d41d8cd98f00b204e9800998ecf8427e:Drupal cms f1876a80546b3986dbb79bad727b0374:NetScreen WebUI 226ffc5e483b85ec261654fe255e60be:Netscape 4.1 b25dbe60830705d98ba3aaf0568c456a:Netscape iPlanet 6.0 41e2c893098b3ed9fc14b821a2e14e73:Netscape 6.0 (AOL) a28ebcac852795fe30d8e99a23d377c1:SunOne 6.1 71e30c507ca3fa005e2d1322a5aa8fb2:Apache on Redhat
description = [[ Gets the favicon.ico from the root of a web service and tries to enumerate it ]] --- -- @args favicon.uri Uri that will be requested for favicon -- @output -- |_ http-favicon: Found favicon from Socialtext -- HTTP default favicon enumeration script -- rev 1.2 (2009-03-11) -- Original NASL script by Javier Fernandez-Sanguino Pena author = "Vlatko Kosturjak <kost () linux hr>" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"default", "discovery"} require "shortport" require "http" require "stdnse" require "datafiles" portrule = shortport.port_or_service({80, 443, 8080, 8443}, {"http", "https", "http-alt", "https-alt"}) action = function(host, port) local md5sum,answer local match local status, favicondb local result= "" local favicondbfile="favicon-db" status, favicondb = datafiles.parse_file( favicondbfile, {["^%s*([^%s#:]+)[%s:]+"] = "^%s*[^%s#:]+[%s:]+(.*)"}) if not status then stdnse.print_debug( 1, "Could not open file: %s", favicondbfile ) return end if not pcall(require,'openssl') then stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.", filename ) return end if(nmap.registry.args.favicon and nmap.registry.args.favicon.uri) then answer = http.get( host, port, "/"..nmap.registry.args.favicon.uri) stdnse.print_debug( 4, "Using URI %s", nmap.registry.args.favicon.uri) else answer = http.get( host, port, "/favicon.ico" ) stdnse.print_debug( 4, "Using default URI.") end --- check for 200 response code if answer.status == 200 then md5sum=stdnse.tohex(openssl.md5(answer.body)) match=favicondb[md5sum] if match then result = result .. "Found favicon from " .. match .. "." else result="Unknown favicon MD5: " .. md5sum end else stdnse.print_debug( 1, "No favicon found on root of web server.") return end --- status == 200 return result end
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- favicon survey script David Fifield (Aug 04)
- Re: favicon survey script Brandon Enright (Aug 04)
- Re: favicon survey script Vlatko Kosturjak (Aug 05)
- Re: favicon survey script Vlatko Kosturjak (Aug 05)
- Re: favicon survey script Vlatko Kosturjak (Aug 05)
- Re: favicon survey script David Fifield (Aug 05)
- Re: favicon survey script Vlatko Kosturjak (Aug 05)
- Re: favicon survey script David Fifield (Aug 06)
- Re: favicon survey script Brandon Enright (Aug 06)
- Re: favicon survey script Vlatko Kosturjak (Aug 06)
- Scanning DNS names fast (was Re: favicon survey script) Brandon Enright (Aug 06)
- Re: favicon survey script David Fifield (Aug 06)
- Re: favicon survey script kx (Aug 06)
- Re: favicon survey script Joao Correa (Aug 06)
- Re: favicon survey script Joao Correa (Aug 09)
- Re: favicon survey script Vlatko Kosturjak (Aug 05)
- Re: favicon survey script Brandon Enright (Aug 04)