PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-22 14:19:02 +00:00
Code Issues Projects Releases Wiki Activity

Adjusts data extraction patterns to match the updated Robtex layout.

Browse Source 
Original patch submitted by aDoN. Fixes #679, closes #681.
This commit is contained in:
nnposter
2017-03-05 16:52:25 +00:00
parent 99fa80851c
commit d7c8bf912d
2 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@@ -1,5 +1,8 @@
# Nmap Changelog ($Id$); -*-text-*-
o [GH#679][GH#681][NSE] Refreshed script http-robtex-reverse-ip, reflecting
changes at the source site (www.robtex.com). [aDoN]
o [GH#708][NSE] TLS SNI now works correctly for NSE HTTP requests initiated
with option any_af. As an added benefit, option any_af is now available for
all connections via comm.lua, not just HTTP requests. [nnposter]

10
scripts/http-robtex-reverse-ip.nse
View File

@@ -4,7 +4,7 @@ local stdnse = require "stdnse"
local table = require "table"
description = [[
Obtains up to 100 forward DNS names for a target IP address by querying the Robtex service (http://www.robtex.com/ip/).
Obtains up to 100 forward DNS names for a target IP address by querying the Robtex service (https://www.robtex.com/ip-lookup/).
]]
---
@@ -45,11 +45,10 @@ categories = {"discovery", "safe", "external"}
-- @param data string containing the retrieved web page
-- @return table containing the resolved host names
function parse_robtex_response(data)
local data = data:match("<span id=\"shared_ma\">.-<ol.->(.-)</ol>")
local data = data:match("<h2>Shared</h2>(.-)<h2>History</h2>")
local result = {}
if data then
for domain in data:gmatch("<li[^>]*>(.-)</li>") do
domain = domain:gsub("<[^>]+>","")
for domain in data:gmatch('/dns%-lookup/(.-)"') do
table.insert(result, domain)
end
end
@@ -66,8 +65,7 @@ action = function(host, port)
return stdnse.format_output(false, "The argument \"http-robtex-reverse-ip.host\" did not contain a valid IPv4 address")
end
local link = "/ip/"..target..".html"
local htmldata = http.get("www.robtex.com", 443, link, {any_af=true})
local htmldata = http.get_url("https://www.robtex.com/ip-lookup/"..target, {any_af=true})
local domains = parse_robtex_response(htmldata.body)
if ( #domains > 0 ) then
return stdnse.format_output(true, domains)