Nmap Development mailing list archives

Re: NSE for checking crossdomain.xml


From: Seth Art <sethsec () gmail com>
Date: Wed, 8 Apr 2015 14:11:02 -0400

Paulino - Thanks so much for fixing up and adding the script.  This is my
first contribution to a well known open source project, and it feels so
great to see it live!

Thank you Daniel also for digging it up from the mailing list!

-Seth

On Wed, Apr 8, 2015 at 12:05 PM, Paulino Calderon Pale <
paulino () calderonpale com> wrote:

Hi,

I’ve committed in r34406 an updated version of this script which fixes an
issue with the web service, adds structured output, removes unnecessary
code by using stones and fixes a couple of bugs related to tld handling.

Thank you Seth for your submission. It took us some time but we finally
got it included! This script certainly adds a necessary check needed while
testing RIA applications.

http-crossdomainxml:
https://svn.nmap.org/nmap/scripts/http-crossdomainxml.nse

Cheers.

On Sep 29, 2014, at 10:47 PM, Seth Art <sethsec () gmail com> wrote:

List,

I've created an NSE script that looks for the existence of
crossdomain.xml files and will provide the user with the following
information:

1) If a wildcard exists, it will alert the user.

2) If specific domains are trusted by the crossdomain.xml, it will
tell the user that there could still be risk, and it will give the
user a comma delimited list of domains that are trusted, and encourage
the user to check the availability of the trusted domains.

You can see this better in the sample output in the NSE.

https://github.com/sethsec/crossdomain-exploitation-framework/blob/master/http-crossdomain.nse


For more information on what this script does, skip to the 20th minute
of my DerbyCon talk from this weekend:
https://www.youtube.com/watch?v=v_5dTJYjSMA&list=UU4PBNDLlS4d75MP0xxcukGA

Like Mariusz who just posted a few hours ago, this is also my first
NSE, and I'm completely open to feedback or guidance.

For those that are wondering, the reason I did not go with a version
that automatically does the lookup is that I could not find a domain
availability lookup source that allows access to an API without an API
key. If anyone has a way to check domain availability that is
completely open and in line with the terms of service, I'd be very
interested to automate that portion of this script.

Regards,

Seth Art
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
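
The two checks described in the thread above (alert on a wildcard, and report a comma-delimited list of the trusted domains), as an added Python example; it is not the NSE script and not code from either author. The sample policy and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy, not taken from any real site.
SAMPLE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*.partner.example"/>
  <allow-access-from domain="cdn.example.net"/>
  <allow-access-from domain="*"/>
</cross-domain-policy>"""


def audit_crossdomain(xml_text):
    """Return wildcard and trusted-domain findings for one policy file."""
    # Refuse inline entity declarations so a hostile policy file cannot
    # trigger entity expansion in the parser.
    if "<!ENTITY" in xml_text:
        raise ValueError("entity declarations are not accepted")
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        raise ValueError("not a cross-domain policy file")

    wildcard = False         # domain="*": every origin is trusted
    partial_wildcards = []   # e.g. "*.partner.example"
    trusted_domains = []     # exact host names
    for rule in root.iter("allow-access-from"):
        domain = (rule.get("domain") or "").strip().lower()
        if not domain:
            continue
        if domain == "*":
            wildcard = True
        elif "*" in domain:
            partial_wildcards.append(domain)
        elif domain not in trusted_domains:
            trusted_domains.append(domain)
    return {"wildcard": wildcard,
            "partial_wildcards": partial_wildcards,
            "trusted_domains": trusted_domains}


def summarize(findings):
    """Build report lines: wildcard alert first, then the domain list."""
    lines = []
    if findings["wildcard"]:
        lines.append("Wildcard (*) policy: any origin is trusted")
    listed = findings["partial_wildcards"] + findings["trusted_domains"]
    if listed:
        # These are the domains whose registration status should be reviewed.
        lines.append("Trusted domains: " + ", ".join(listed))
    return lines
```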


