Nmap Development mailing list archives

Re: NSE script for finding user and admin login pages


From: Rewanth Cool <ravatheruler4 () gmail com>
Date: Mon, 17 Apr 2017 06:34:45 +0530

Hi Varunram,

You are absolutely right about saying there are more than 500 fingerprints
for the same in http-fingerprints.lua. But the fact is, http-fingerprints
doesn't have any method for filtering the URLs. It will be scanning all the
URLs in its huge file with more than 12,000 lines of code.

What if the user has prior knowledge of what to scan and wants to scan
exclusively for admin/login pages? Making him execute the huge
http-fingerprints isn't a good idea. Executing http-fingerprints completely
takes at least 1 hour on a good internet connection, whereas my new script
takes hardly 10-15 minutes even on an average internet connection, as my new
script filters all the unwanted URLs from the list.

My script takes the extension of the website as a parameter, which boils
the URLs down from 560 to 140, and this is the reason for the faster
execution of my script.

I also marked a TODO task in the script where we have to write a scraper
function which crawls the website and automatically fetches the extension
being used by the website, like php, jsp, asp, aspx and so on, if and only
if the user doesn't give the extension parameter through the command line.
Implementing this will work greatly when the extension parameter is not given
as an argument, as it automatically filters the URLs from 560 to 140 and
saves a lot of time.

Of course http-fingerprints gives a lot more information than my script. I
don't think making him wait for a long time and giving him results which
he is not interested in or which are not necessary is a good idea. What's the
use in giving the information that the user is not interested in by killing
his precious time? (1 hour vs 10 minutes).

FYI, my script also contains around 550 URLs which exclusively point to
admin/login pages.

Hope this explanation gives a clear picture of why to use my new script
instead of http-fingerprints when looking for admin/login pages.

Thanks,
Rewanth.
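The selection logic Rewanth describes above (a fixed candidate list of admin/login paths, narrowed by a user-supplied extension, with the TODO of inferring the extension from links on the site when no argument is given) as an added illustration. This is example code written for this archive page, not Rewanth's NSE script and not part of Nmap; it is Python rather than NSE Lua so the logic can be run and checked stand-alone, and it only covers candidate selection, not the HTTP probing. The candidate paths, the sample HTML and the set of server-side extensions are constructed for the example; the real script's list of around 550 entries is not reproduced.

```python
import re
from urllib.parse import urlparse

# Constructed sample of candidate admin/login paths (the real script carries
# around 550; these twelve are made up to show how filtering shrinks the list).
CANDIDATE_PATHS = [
    "/admin/",
    "/admin/login.php",
    "/admin/index.php",
    "/administrator/index.php",
    "/login.php",
    "/admin/login.asp",
    "/admin/login.aspx",
    "/admin/login.jsp",
    "/user/login.jsp",
    "/login.html",
    "/wp-login.php",
    "/cgi-bin/admin.cgi",
]

# Extensions that indicate server-side technology (an assumption for the
# example). Static suffixes such as .html or .css are deliberately excluded,
# since they say nothing about which login pages the backend serves.
SERVER_SIDE_EXTENSIONS = {"php", "asp", "aspx", "jsp", "cgi"}

# Matches href="..." or href='...' in HTML; good enough for a constructed page.
HREF_RE = re.compile(r'href=["\']([^"\']+)["\']', re.IGNORECASE)


def path_extension(path):
    """Return the lowercase extension of the last path segment, or '' if none."""
    last = path.rsplit("/", 1)[-1]
    if "." not in last:
        return ""
    return last.rsplit(".", 1)[-1].lower()


def filter_by_extension(paths, ext):
    """Keep directory-style paths (no extension) plus paths whose extension
    matches ext; everything written for another technology is dropped."""
    ext = ext.lower().lstrip(".")
    return [p for p in paths if path_extension(p) in ("", ext)]


def infer_extension(html, known=SERVER_SIDE_EXTENSIONS):
    """The scraper step from the TODO: count the extensions of linked paths on
    a fetched page and return the most common server-side one, or None."""
    counts = {}
    for href in HREF_RE.findall(html):
        ext = path_extension(urlparse(href).path)  # strip query/scheme first
        if ext in known:
            counts[ext] = counts.get(ext, 0) + 1
    if not counts:
        return None
    return max(counts, key=counts.get)  # ties go to the extension seen first


def select_candidates(paths, ext=None, html=""):
    """Mirror the described behaviour: a user-supplied extension wins; without
    one, try to infer it from the site's HTML; with neither, keep every path."""
    if not ext:
        ext = infer_extension(html)
    if not ext:
        return list(paths)
    return filter_by_extension(paths, ext)


# Constructed HTML standing in for a crawled front page of a PHP site.
SAMPLE_HTML = """
<a href="/index.php">Home</a>
<a href="/about.php?lang=en">About</a>
<a href="https://example.invalid/contact.php">Contact</a>
<a href='/styles/site.css'>Stylesheet</a>
<a href="/news.html">News</a>
"""

if __name__ == "__main__":
    print("explicit php:", select_candidates(CANDIDATE_PATHS, ext="php"))
    print("inferred:", infer_extension(SAMPLE_HTML))
    print("no hint:", len(select_candidates(CANDIDATE_PATHS)), "paths kept")
```

On the constructed list, asking for `php` keeps the two directory-style entries plus the four PHP pages and drops the ASP, ASPX, JSP, CGI and HTML entries, which is the same kind of reduction the message reports (560 to 140) on the real list. For a site owner this is also a quick way to see which of their own paths such a scan would actually probe.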

On Sun, Apr 16, 2017 at 5:23 PM, Varunram Ganesh <vrg2009 () ymail com> wrote:

Hello Rewanth,

As commented on your PR by Gyani and myself, a new script is not
necessarily needed for this functionality. http-fingerprints.lua already
does this and has over 500 fingerprints for the same.


Cheers,

Varunram

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
