Nmap Development mailing list archives
converts an nse script that works on HTTP to HTTPS
From: Russell Fulton <r.fulton () auckland ac nz>
Date: Sun, 10 Mar 2019 11:44:55 +1300
With the recent Drupal vulnerability We decided to find all our Drupal instance. Shodan told us about externally visible ones and we turned to nmap to check for any that are lurking on the internal network. The problem is that 'http-drupal-enum’ appears not to know about HTTPS and most of our sites use HTTPS (as a matter fo policy). I say appears since we told nmap to scan both port 80 and 443 but the scan found only those instances that were listening on port 80. I have never done development on nse scripts before although I am an experience programmer. I am will to have a go at converting the script to use HTTPS but only if it is relatively straight forward. I have tried searching for things related to nse and https but did not find anything useful. Can someone point me to so docs that would be useful? Or have I missed something obvious as I have done before ;) Russell _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- converts an nse script that works on HTTP to HTTPS Russell Fulton (Mar 16)
- Re: converts an nse script that works on HTTP to HTTPS nnposter (Mar 17)