Nmap Development mailing list archives
Re: http-enum with virtual hosts
From: Ron <ron () skullsecurity net>
Date: Fri, 1 Jul 2011 12:13:02 -0500
I can confirm it's working as expected by scanning my own host (www.javaop.com): ----------- GET /cwhp/auditLog.do?file=..............Program%20FilesCSCOpxlibclasspathcomcisco mcmfdbservice2DBServer.properties HTTP/1.1 Connection: close User-Agent: Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html) Host: www.javaop.com <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL /cwhp/auditLog.do was not found on this server.</p> <hr> <address>Apache Server at x86labs.org Port 80</address> </body></html> ----------- I don't have time to play around much, but the problem isn't the virtual host argument - the "host:" is there as expected. Ron On Fri, 1 Jul 2011 20:07:22 +0300 Toni Ruottu <toni.ruottu () iki fi> wrote:
Maybe there is some other problem. I am running an instance of Mediawiki at javascript0.org and I understood http-enum would be able to detect that. Is this correct? Could you try scanning that host to see if it works for you? On Fri, Jul 1, 2011 at 6:08 PM, Ron <ron () skullsecurity net> wrote:http-enum uses the standard http functions, which use (or used to use) stdnse.get_hostname(), which *should* use the name supplied on the commandline (unless something's changed). I tested with vhosts a long time ago and it worked, so if it stopped working then there's something wrong. Ron On Fri, 1 Jul 2011 17:23:27 +0300 Toni Ruottu <toni.ruottu () iki fi> wrote:Is there a way to use http-enum with virtualhosts? I'm running multiple sites from one IP address, and the content depends on the dns name. I think http-enum currently ignores the dns name I give to nmap. --Toni_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-enum with virtual hosts Toni Ruottu (Jul 01)
- Re: http-enum with virtual hosts Ron (Jul 01)
- Re: http-enum with virtual hosts Toni Ruottu (Jul 01)
- Re: http-enum with virtual hosts Ron (Jul 01)
- Re: http-enum with virtual hosts Patrik Karlsson (Jul 01)
- Re: http-enum with virtual hosts Toni Ruottu (Jul 01)
- Re: http-enum with virtual hosts Ron (Jul 01)