Nmap Development mailing list archives
[NSE] http-feed.nse
From: George Chatzisofroniou <sophron () latthi com>
Date: Mon, 12 Aug 2013 19:04:41 +0300
Hi, The attached script crawls through the website and performs some pattern-matching to find any rss or atom feeds. This is pretty useful when testing the target for feed injection or to determine the underlying framework based on the feed generator. There are no options, so you run the script as follows: ./nmap -p80 -n -Pn --script http-feed some-random-page.com -d1 The output looks like this: PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-feed: | Spidering limited to: maxpagecount=40; withinhost=some-random-page.com | Found the following feeds: | RSS (version 2.0): http://www.some-random-page.com/2011/11/20/feed/ | RSS (version 2.0): http://www.some-random-page.com/2011/12/04/feed/ | RSS (version 2.0): http://www.some-random-page.com/category/animalsfeed/ | RSS (version 2.0): http://www.some-random-page.com/comments/feed/ |_ RSS (version 2.0): http://www.some-random-page.com/feed/ Note that for large web applications, you will have to increase httpspider's 'maxpagecount' value (for example, to a value above 100). But beware because the script will become more intrusive. -- George Chatzisofroniou
Attachment:
http-feed.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] http-feed.nse George Chatzisofroniou (Aug 12)
- Re: [NSE] http-feed.nse David Fifield (Aug 16)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 17)
- Re: [NSE] http-feed.nse David Fifield (Aug 17)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 17)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 17)
- Re: [NSE] http-feed.nse David Fifield (Aug 16)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 22)