Nmap Development mailing list archives

http-cors, new NSE script for detecting cross-origin http access

From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sat, 18 Jun 2011 00:47:48 +0300

  hello

I wrote a simple script which uses CORS to figure out cross-origin
accessible methods on an http server. It seems to work against the
http interface of an OpenLookup server, but it needs to be tested
against other servers with CORS policies. Feel free to try it against
my OpenLookup server by running the following command...

nmap -sV -p 5851 --script http-cors javascript0.org

Please report your results against other targets to the mailing list.

  Cheers, --Toni

Attachment: http-cors.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

http-cors, new NSE script for detecting cross-origin http access Toni Ruottu (Jun 17)
- Re: http-cors, new NSE script for detecting cross-origin http access Toni Ruottu (Jun 18)