[NSE] http-referer-checker.nse

[George Chatzisofroniou <sophron () latthi com>]

The attached script informs about cross-domain include of scripts.
Websites that include external javascript scripts are delegating part
of their security to third-party entities since that included code has
full client-side power and can do whatever it wants (like steal
document.cookie or send malicious AJAX requests). So, it's important
for developers to never include a javascript file from a domain they
don't trust.

To make this work properly, i had to make some improvements to
httpspider library (i'll make a seperate thread for these changes).
So, you also need to apply the attached patch.

The script is easy to use. There are no arguments, except those for
spidering from httpspider library.

To test it, try:

./nmap -p80 -n -Pn --script http-referer-checker.nse 83.212.115.76

(Feel free to test it on this server. It's a VM of mine i've set up
for Nmap research.)

The output should be something like:

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-referer-checker:
| Spidering limited to: maxpagecount=30
|   http://ajax.googleapis.com/ajax/libs/dojo/1.9.1/dojo/dojo.js
|   http://ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js
|   http://code.jquery.com/jquery-latest.js
|_  http://s7.addthis.com/js/300/addthis_widget.js#pubid=xa-511d06db78eb3b45

Any feedback is welcome,

--
George Chatzisofroniou
sophron.latthi.com

Attachment: http-referer-checker.nse
Description:

Attachment: adding_blacklist_for_scraping.diff
Description:

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/