Nmap Development mailing list archives
[NSE] http-referer-checker.nse
From: George Chatzisofroniou <sophron () latthi com>
Date: Sun, 23 Jun 2013 18:31:06 +0300
The attached script informs about cross-domain include of scripts. Websites that include external javascript scripts are delegating part of their security to third-party entities since that included code has full client-side power and can do whatever it wants (like steal document.cookie or send malicious AJAX requests). So, it's important for developers to never include a javascript file from a domain they don't trust. To make this work properly, i had to make some improvements to httpspider library (i'll make a seperate thread for these changes). So, you also need to apply the attached patch. The script is easy to use. There are no arguments, except those for spidering from httpspider library. To test it, try: ./nmap -p80 -n -Pn --script http-referer-checker.nse 83.212.115.76 (Feel free to test it on this server. It's a VM of mine i've set up for Nmap research.) The output should be something like: PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-referer-checker: | Spidering limited to: maxpagecount=30 | http://ajax.googleapis.com/ajax/libs/dojo/1.9.1/dojo/dojo.js | http://ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js | http://code.jquery.com/jquery-latest.js |_ http://s7.addthis.com/js/300/addthis_widget.js#pubid=xa-511d06db78eb3b45 Any feedback is welcome, -- George Chatzisofroniou sophron.latthi.com
Attachment:
http-referer-checker.nse
Description:
Attachment:
adding_blacklist_for_scraping.diff
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] http-referer-checker.nse George Chatzisofroniou (Jun 23)