
file-checker.nse (check if file exists on webserver)

r00t-3xp10it Jun 18th, 2015 (edited) 518 Never
  1. -- Nmap NSE file-checker.nse - Version 1.0
  2. -- Copy script to: /usr/share/nmap/scripts/file-checker.nse
  3. -- Update db: sudo nmap --script-updatedb
  4. -- executing: nmap --script-help file-checker.nse
  5. -- executing: nmap -sS -Pn -p 80 --script file-checker.nse <target>
  6. -- executing: nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/robots.txt <target>
  7.  
  8.  
  9. -- Script Banner Description
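  -- Text shown by `nmap --script-help file-checker.nse`.
  -- The script only reads the HTTP status code of one GET request to the target,
  -- so the wording says that instead of naming an unrelated API.
  description = [[

Author: r00t-3xp10it
Quick NSE script to check if the selected file/path/folder exists
on target webserver by checking the HTTP status code returned for it.
'default behavior is to search for the robots.txt file'

Some Syntax examples:
nmap -sS -Pn -p 80 --script file-checker.nse <target>
nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/privacy/ <target>
nmap -sS -sV -iR 40 -p 80 --open --script file-checker.nse --script-args file=/robots.txt -oN /root/report.log
]]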
  22.  
  23. ---
  24. -- @usage
  25. -- nmap --script-help file-checker.nse
  26. -- nmap -sS -Pn -p 80 --script file-checker.nse <target>
  27. -- nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/robots.txt <target>
  28. -- nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/privacy/ <target>
  29. -- @output
  30. -- PORT   STATE SERVICE
  31. -- 80/tcp open  http
  32. -- | file-checker: /robots.txt
  33. -- |             : STRING FOUND...
  34. -- |_            : returned 200 OK
  35. -- @args file-checker.file the file/path name to search. Default: /robots.txt
  36. ---
  37.  
  -- Script metadata globals read by the Nmap scripting engine.
  -- "discovery" + "safe": the script sends a single HTTP GET and changes nothing on the target.
  author = "r00t-3xp10it"
  license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
  categories = { "discovery", "safe" }
  41.  
  42.  
  43. -- Dependencies (lua libraries)
  44. local shortport = require "shortport"
  45. local stdnse = require ('stdnse')
  46. local http = require "http"
  47.  
  48.  
  -- Rule: run only against an open TCP port that is number 80 or that Nmap
  -- identified as the "http" service.
  local http_ports = { 80 }
  portrule = shortport.port_or_service(http_ports, "http", "tcp", "open")

  -- Path to request: the `file-checker.file` script argument when supplied,
  -- otherwise /robots.txt. The value is passed to http.get as the request path.
  local requested_path = stdnse.get_script_args(SCRIPT_NAME .. ".file")
  local file = requested_path or "/robots.txt"
  53.  
  54.  
  55. -- THE ACTION SECTION --
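  -- Report text for the status codes the script names explicitly:
  -- [code] = { summary line, text printed after "returned" }.
  local STATUS_TEXT = {
    [200] = { "STRING FOUND", "200 OK" },
    [302] = { "Redirected", "302 Redirected" },
    [400] = { "BadRequest", "400 BadRequest" },
    [401] = { "Unauthorized", "401 Unauthorized" },
    [403] = { "Forbidden", "403 Forbidden" },
    [404] = { "STRING NOT FOUND", "404 NOT FOUND" },
    [503] = { "Service_unavailable", "503 Service_unavailable" },
  }

  --- Request `file` from the target and report the HTTP status code of the answer.
  --
  -- The codes checked are plain HTTP status codes sent by the scanned web server.
  --
  -- Reading the result: a 200 only shows that the server answered OK for this
  -- path. A server that answers 200 for unknown paths (custom error page,
  -- catch-all route) is reported as "STRING FOUND" as well; the http library's
  -- identify_404 / page_exists helpers can be used to rule that case out.
  --
  -- @param host host table passed in by the scripting engine
  -- @param port port table passed in by the scripting engine
  -- @return string the requested path followed by two result lines
  action = function(host, port)
    local response = http.get(host, port, file)
    local status = response and response.status

    -- http.get leaves status nil when no valid HTTP response came back
    -- (timeout, reset, non-HTTP service). Concatenating nil would raise an
    -- error and the script would print nothing, so report the failure instead.
    if status == nil then
      return file .. "\n            : NO RESPONSE...\n            : request failed, no HTTP status received\n"
    end

    local text = STATUS_TEXT[status]
    local summary = text and text[1] or "UNDEFINED ERROR"
    local detail = text and text[2] or tostring(status)
    return file .. "\n            : " .. summary .. "...\n            : returned " .. detail .. "\n"
  end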