- -- Nmap NSE file-checker.nse - Version 1.0
- -- Copy script to: /usr/share/nmap/scripts/file-checker.nse
- -- Update db: sudo nmap --script-updatedb
- -- executing: nmap --script-help file-checker.nse
- -- executing: nmap -sS -Pn -p 80 --script file-checker.nse <target>
- -- executing: nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/robots.txt <target>
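-- Script banner shown by `nmap --script-help file-checker.nse`.
-- The script inspects the HTTP status code of the target web server's reply;
-- no Google API is involved, so the wording below says "HTTP status code".
description = [[
Author: r00t-3xp10it
Quick NSE script to check if the selected file/path/folder exists
on target webserver by checking the HTTP status code returned by the server.
'default behavior its to search for robots.txt file'
Some Syntax examples:
nmap -sS -Pn -p 80 --script file-checker.nse <target>
nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/privacy/ <target>
nmap -sS -sV -iR 40 -p 80 --open --script file-checker.nse --script-args file=/robots.txt -oN /root/report.log
]]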
- ---
- -- @usage
- -- nmap --script-help file-checker.nse
- -- nmap -sS -Pn -p 80 --script file-checker.nse <target>
- -- nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/robots.txt <target>
- -- nmap -sS -Pn -p 80 --script file-checker.nse --script-args file=/privacy/ 113.38.34.72
- -- @output
- -- PORT STATE SERVICE
- -- 80/tcp open http
- -- | file-checker: /robots.txt
- -- | : STRING FOUND...
- -- |_ : returned 200 OK
- -- @args file-checker.file the file/path name to search. Default: /robots.txt
- ---
-- NSE script metadata: author, licence and the categories the script is filed under.
author = "r00t-3xp10it"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {
  "discovery",
  "safe",
}
- -- Dependencies (lua libraries)
- local shortport = require "shortport"
- local stdnse = require ('stdnse')
- local http = require "http"
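-- Port rule: run against an open TCP port that is either port 80 or was
-- identified as the "http" service.
portrule = shortport.port_or_service({80}, "http", "tcp", "open")

-- Path to request, taken from the script argument `file-checker.file`;
-- falls back to /robots.txt when the argument is not given.
local file = stdnse.get_script_args(SCRIPT_NAME .. ".file") or "/robots.txt"

-- An argument such as `file=robots.txt` would otherwise be passed to http.get
-- without a leading slash, which is not a valid request path; normalise it so
-- the reported status reflects the file and not a malformed request.
if file:sub(1, 1) ~= "/" then
  file = "/" .. file
end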
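-- THE ACTION SECTION --

-- Output text for the HTTP status codes this script names explicitly.
-- The strings are appended to the requested path.
local STATUS_TEXT = {
  [200] = "\n : STRING FOUND...\n : returned 200 OK\n",
  [400] = "\n : BadRequest...\n : returned 400 BadRequest\n",
  [302] = "\n : Redirected...\n : returned 302 Redirected\n",
  [401] = "\n : Unauthorized...\n : returned 401 Unauthorized\n",
  [404] = "\n : STRING NOT FOUND...\n : returned 404 NOT FOUND\n",
  [403] = "\n : Forbidden...\n : returned 403 Forbidden\n",
  [503] = "\n : Service_unavailable...\n : returned 503 Service_unavailable\n",
}

--- Request `file` from the target and report the HTTP status code of the reply.
-- @param host NSE host table, passed through to http.get
-- @param port NSE port table, passed through to http.get
-- @return string made of the requested path followed by a two-line verdict
action = function(host, port)
  local response = http.get(host, port, file)
  local status = response and response.status

  -- A response without a status means no usable HTTP reply was received.
  -- Concatenating the missing status into the message would raise an error
  -- and abort the script, so report the condition explicitly instead.
  if status == nil then
    return file .. "\n : UNDEFINED ERROR...\n : returned no HTTP response\n"
  end

  -- These are the target web server's HTTP status codes.
  -- Caveat for anyone relying on the result: a 200 only shows that the server
  -- answered this request with 200. Servers that serve a custom "not found"
  -- page with status 200 are reported as STRING FOUND; the http library's
  -- identify_404 / page_exists helpers exist for that case.
  -- NOTE(review): http.get may follow redirects on its own, in which case the
  -- status seen here is that of the final response - confirm before trusting
  -- the 302 branch.
  local text = STATUS_TEXT[status]
  if text then
    return file .. text
  end

  return file .. "\n : UNDEFINED ERROR...\n : returned " .. status .. "\n"
end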