Nmap Development mailing list archives

Re: New script - http-favicon.nse

From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 06 Nov 2008 16:30:24 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/06/2008 04:05 PM, Fyodor wrote:

I do think the script itself has potential.  What would be
particularly useful is if someone did an -iR scan (-p80 -n -PN) with
the script and collected all the favicon fingerprints.  Then you could
reverse-sort them by frequency and figure out the software behind the
most common ones (and add it to the DB).  Neither the Nessus plugin
nor the Nikto one seem very comprehensive.


And don't forget that if we decide to have a decent-sized DB for this, it can
always be moved to a separate file to not clutter up the script itself.

We talked about having a scripts/data directory like the nselib/data that
exists now, but (I believe it was a script of jah's we were talking about) it
turns out we didn't need it.  But it can always be added for this or others.

You can see nselib/unpwdb.lua for an example fetchfile() usage.

Cheers,
-F


Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSRNv/v9K37xXYl36AQIIDA//RbiE2QCfsCDLRV8eDKDZaYkkL1QvPk1e
D1aupWBwX+mHP+T32FsW4UvQ5Xfd8gfbS/Ve8Wf4WmOzgGheInKk15htWi8Mo2HX
d1iFYXiFxX163MOvAla7cjsXiOzDQ5SlxA+1oQ5iKOAjeMdjU+DoAd9k5lyyW/Mu
hRiR6zlGUoZcfyh2YtrJSNJCKAeEW0guJYoeak3huIK/+R73I9wrP5bx8cV5te5q
MaNLeNTNgG5eS43pXTAXa8OX+uNY90XyqhHtJkRf4TKUv6x8Mb8quuEGYPf2SZW9
BsHcK9RteRX20P99w9KB2UpUjRimscPF5qjDVY+DxzRLyH0+xtife8IkNcqtJcdq
aAMHynS91EOiyeid61q+nU2qM/kfc2CIB7aBqCy4PrSHOxskF3KPLVYoboYK7y+c
Gpf8z2vh1mFqJImNTWBs9+Qas0NmCGy775NzQLor3jH7fJBSj+T88mRbTxckSRb6
stE3xJiUACKe6mRpsQRQHK7j/ZArj7vyNCaathV6iy05UyTPc4CAN2ewX+cdZ3ET
uNKMvf8klXJMd0rwF8OxqLcz9sHbyzJ2DO0ETnKfcXqxSyMi+Bda6XTbQLPXRhwh
93BRHtTy7x6gnqk8dAHCMuz4dG9Yx4MlEkO8eSDmZqpumUqX0jsnTaqTScJRwM2R
Yg+sc86Y7GE=
=o64Z
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: New script - http-favicon.nse, (continued)
- - - Re: New script - http-favicon.nse dave-san (Nov 06)
    - Re: New script - http-favicon.nse dave-san (Nov 06)
    - Re: New script - http-favicon.nse Sullo (Nov 06)
    - Re: New script - http-favicon.nse dave-san (Nov 06)
    - Re: New script - http-favicon.nse Sullo (Nov 06)
    - Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
  - Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
    - Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
    - Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
  - Re: New script - http-favicon.nse Fyodor (Nov 06)
    - Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
    - Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
    - Re: New script - http-favicon.nse Brandon Enright (Nov 06)
    - Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 07)
- Re: New script - http-favicon.nse Javier Fernández-Sanguino Peña (Nov 29)
  - Re: New script - http-favicon.nse Vlatko Kosturjak (Dec 01)
    - Re: New script - http-favicon.nse David Fifield (Dec 01)