PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00
Code Issues Projects Releases Wiki Activity

o [NSE] Added the Apache JServer Protocol (AJP) library and the scripts

Browse Source 
ajp-methods, ajp-headers and ajp-auth. [Patrik Karlsson]
This commit is contained in:
patrik
2012-05-07 18:49:22 +00:00
parent cec2dd7816
commit d02dafb630
6 changed files with 634 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
scripts/ajp-auth.nse Normal file
View File

@@ -0,0 +1,72 @@
description = [[
Retrieves the authentication scheme and realm of an AJP service that requires
authentication.
]]
---
-- @usage
-- nmap -p 8009 <ip> --script ajp-auth [--script-args ajp-auth.path=/login]
--
-- @output
-- PORT STATE SERVICE
-- 8009/tcp open ajp13
-- | ajp-auth:
-- |_ Digest opaque=GPui3SvCGBoHrRMMzSsgaYBV qop=auth nonce=1336063830612:935b5b389696b0f67b9193e19f47e037 realm=example.org
--
-- @args ajp-auth.path Define the request path
--
author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"default", "auth", "safe"}
local ajp = require('ajp')
local http = require('http')
local shortport = require('shortport')
portrule = shortport.port_or_service(8009, 'ajp13', 'tcp')
local arg_path = stdnse.get_script_args(SCRIPT_NAME .. ".path")
local function fail(err) return ("\n ERROR: %s"):format(err or "") end
action = function(host, port)
local helper = ajp.Helper:new(host, port)
if ( not(helper:connect()) ) then
return fail("Failed to connect to AJP server")
end
local status, answer = helper:get(arg_path or "/")
--- check for 401 response code
if ( not(status) or answer.status ~= 401 ) then
return
end
local result = { name = answer["status-line"]:match("^(.*)\r?\n$") }
local www_authenticate = answer.headers["www-authenticate"]
if not www_authenticate then
table.insert( result, ("Server returned status %d but no WWW-Authenticate header."):format(answer.status) )
return stdnse.format_output(true, result)
end
local challenges = http.parse_www_authenticate(www_authenticate)
if ( not(challenges) ) then
table.insert( result, ("Server returned status %d but the WWW-Authenticate header could not be parsed."):format(answer.status) )
table.insert( result, ("WWW-Authenticate: %s"):format(www_authenticate) )
return stdnse.format_output(true, result)
end
for _, challenge in ipairs(challenges) do
local line = challenge.scheme
if ( challenge.params ) then
for name, value in pairs(challenge.params) do
line = line .. (" %s=%s"):format(name, value)
end
end
table.insert(result, line)
end
return stdnse.format_output(true, result)
end