nmap_http_screenshot

description = [[
        Gets a screenshot if webserver is present
]]

author = "Anon"
license = "GPLv2"
categories = {"discovery", "safe"}
local shortport = require "shortport"
local stdnse = require "stdnse"
portrule = shortport.http
action = function(host, port)
        local ssl = port.version.service_tunnel
        local prefix = "http"
        local filename = "screenshot-nmap-" .. host.targetname .. ":" .. port.number .. ".png"

        if ssl == "ssl" then
                prefix = "https"
        end
        if port.number == 443 then
                prefix = "https"
        end

        local cmd = "cutycapt --url=" .. prefix .. "://" .. host.targetname .. ":" .. port.number .. " --out='" .. filename .. "' 2> /dev/null   >/dev/null"
        local ret = os.execute(cmd)
        local result = "failed (verify cutycapt is in your path)"
        if ret then
                result = "Saved to " .. filename
        end
        return stdnse.format_output(true,  result)
end