Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

converts an nse script that works on HTTP to HTTPS

From: Russell Fulton <r.fulton () auckland ac nz>
Date: Sun, 10 Mar 2019 11:44:55 +1300
With the recent Drupal vulnerability We decided to find all our Drupal instance.  Shodan told us about externally 
visible ones and we turned to nmap to check for any that are lurking on the internal network.  The problem is that 
'http-drupal-enum’ appears not to know about HTTPS and most of our sites use HTTPS (as a matter fo policy).   I say 
appears since we told nmap to scan both port 80 and 443 but the scan found only those instances that were listening on 
port 80.

I have never done development on nse scripts before although I am an experience programmer. I am will to have a go at 
converting the script to use HTTPS but only if it is relatively straight forward.  

I have tried searching for things related to nse and https but did not find anything useful.

Can someone point me to so docs that would be useful?  Or have I missed something obvious as I have done before ;)

Russell
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: