Nmap Development mailing list archives
Re: New script - http-favicon.nse
From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 06 Nov 2008 16:30:24 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/06/2008 04:05 PM, Fyodor wrote:
I do think the script itself has potential. What would be particularly useful is if someone did an -iR scan (-p80 -n -PN) with the script and collected all the favicon fingerprints. Then you could reverse-sort them by frequency and figure out the software behind the most common ones (and add it to the DB). Neither the Nessus plugin nor the Nikto one seem very comprehensive.
And don't forget that if we decide to have a decent-sized DB for this, it can always be moved to a separate file to not clutter up the script itself. We talked about having a scripts/data directory like the nselib/data that exists now, but (I believe it was a script of jah's we were talking about) it turns out we didn't need it. But it can always be added for this or others. You can see nselib/unpwdb.lua for an example fetchfile() usage.
Cheers, -F
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSRNv/v9K37xXYl36AQIIDA//RbiE2QCfsCDLRV8eDKDZaYkkL1QvPk1e D1aupWBwX+mHP+T32FsW4UvQ5Xfd8gfbS/Ve8Wf4WmOzgGheInKk15htWi8Mo2HX d1iFYXiFxX163MOvAla7cjsXiOzDQ5SlxA+1oQ5iKOAjeMdjU+DoAd9k5lyyW/Mu hRiR6zlGUoZcfyh2YtrJSNJCKAeEW0guJYoeak3huIK/+R73I9wrP5bx8cV5te5q MaNLeNTNgG5eS43pXTAXa8OX+uNY90XyqhHtJkRf4TKUv6x8Mb8quuEGYPf2SZW9 BsHcK9RteRX20P99w9KB2UpUjRimscPF5qjDVY+DxzRLyH0+xtife8IkNcqtJcdq aAMHynS91EOiyeid61q+nU2qM/kfc2CIB7aBqCy4PrSHOxskF3KPLVYoboYK7y+c Gpf8z2vh1mFqJImNTWBs9+Qas0NmCGy775NzQLor3jH7fJBSj+T88mRbTxckSRb6 stE3xJiUACKe6mRpsQRQHK7j/ZArj7vyNCaathV6iy05UyTPc4CAN2ewX+cdZ3ET uNKMvf8klXJMd0rwF8OxqLcz9sHbyzJ2DO0ETnKfcXqxSyMi+Bda6XTbQLPXRhwh 93BRHtTy7x6gnqk8dAHCMuz4dG9Yx4MlEkO8eSDmZqpumUqX0jsnTaqTScJRwM2R Yg+sc86Y7GE= =o64Z -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: New script - http-favicon.nse, (continued)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse Sullo (Nov 06)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse Sullo (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse Brandon Enright (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 07)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Dec 01)
- Re: New script - http-favicon.nse David Fifield (Dec 01)