Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] Script Submission: HTTP Authentication Discovery

From: George Chatzisofroniou <sophron () latthi com>
Date: Wed, 23 Apr 2014 14:05:06 +0300
Hi Gabriel,

On Wed, Apr 23, 2014 at 12:44:51AM -0300, Gabriel de Lima Monteiro wrote:

Attached is a NSE implementation to http authentication discovery
script that check if a page has a simple login page.


It simply check if the server return the 401 code.


You can already do this using the http-error script like this:

./nmap -p80 -n -Pn --script http-errors --script-args 'http-errors.errcodes={401}' scanme.nmap.org -d1

This script also makes use of NSE's HTTP crawler. Its title is kinda misleading
though, but all 4xx status codes are described as "client *error* codes".

-- 
George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: