Nmap Development mailing list archives
[NSE] New script http-backup-finder
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 10 Dec 2011 11:37:01 +0100
Hi all, I've made a bunch of improvements to the httpspider, made some changes to the http-email-harvest script and just commited a new script called http-backup-finder. The new scripts crawls a site and then attempts to find backup files by requesting known backup patterns eg: index.html~, index.bak etc. I noticed some weird responses on some systems claiming to have files based on the Mac OS pattern "index copy.html". In all cases so far, this has been a symptom of mod_negotiation triggering for some reason, returning the index.html page instead. Don't know what to make of this, except for maybe escaping the url so that it would become "index%20copy.htm" instead, as this does not trigger mod_negotiation. Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New script http-backup-finder Patrik Karlsson (Dec 10)
- Re: [NSE] New script http-backup-finder David Fifield (Dec 14)
- Re: [NSE] New script http-backup-finder Patrik Karlsson (Dec 15)
- Re: [NSE] New script http-backup-finder David Fifield (Dec 14)