PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00
Code Issues Projects Releases Wiki Activity

[NSE] Updated Robtex scripts to make them work again. Primarily, changed the addresses to https and corrected some wrong patterns.

Browse Source
This commit is contained in:
sophron
2013-10-31 17:15:52 +00:00
parent 901e414927
commit f57b58d095
3 changed files with 18 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/hostmap-robtex.nse
View File

@@ -51,7 +51,7 @@ hostrule = function (host)
end end
action = function (host) action = function (host)
local link = "http://ip.robtex.com/" .. host.ip .. ".html" local link = "https://ip.robtex.com/" .. host.ip .. ".html"
local htmldata = http.get_url(link) local htmldata = http.get_url(link)
local domains = parse_robtex_response(htmldata.body) local domains = parse_robtex_response(htmldata.body)
local output_tab = stdnse.output_table() local output_tab = stdnse.output_table()

7
scripts/http-robtex-reverse-ip.nse
View File

@@ -48,8 +48,8 @@ categories = {"discovery", "safe", "external"}
function parse_robtex_response(data) function parse_robtex_response(data)
local data = string.gsub(data,"\r?\n","") local data = string.gsub(data,"\r?\n","")
local result = {} local result = {}
for num,href,link in string.gmatch(data,"<span id=\"dns(%d+)\"><a href=\"(.-)\">(.-)</a></span>") do for href, link in string.gmatch(data,"<li><a href=\"([^\"^']-)\" >([^\"^']-)</a></li>") do
table.insert(result,link) table.insert(result, link)
end end
return result return result
end end
@@ -57,13 +57,14 @@ end
prerule = function() return stdnse.get_script_args("http-robtex-reverse-ip.host") ~= nil end prerule = function() return stdnse.get_script_args("http-robtex-reverse-ip.host") ~= nil end
action = function(host, port) action = function(host, port)
local target = stdnse.get_script_args("http-robtex-reverse-ip.host") local target = stdnse.get_script_args("http-robtex-reverse-ip.host")
local ip = ipOps.ip_to_str(target) local ip = ipOps.ip_to_str(target)
if ( not(ip) or #ip ~= 4 ) then if ( not(ip) or #ip ~= 4 ) then
return stdnse.format_output(false, "The argument \"http-robtex-reverse-ip.host\" did not contain a valid IPv4 address") return stdnse.format_output(false, "The argument \"http-robtex-reverse-ip.host\" did not contain a valid IPv4 address")
end end
local link = "http://www.robtex.com/ip/"..target..".html" local link = "https://www.robtex.com/ip/"..target..".html"
local htmldata = http.get_url(link) local htmldata = http.get_url(link)
local domains = parse_robtex_response(htmldata.body) local domains = parse_robtex_response(htmldata.body)
if ( #domains > 0 ) then if ( #domains > 0 ) then

30
scripts/http-robtex-shared-ns.nse
View File

@@ -13,7 +13,7 @@ The target must be specified by DNS name, not IP address.
-- @usage -- @usage
-- nmap --script http-robtex-shared-ns -- nmap --script http-robtex-shared-ns
-- --
-- @output -- @outt
-- Host script results: -- Host script results:
-- | http-robtex-shared-ns: -- | http-robtex-shared-ns:
-- | example.edu -- | example.edu
@@ -43,12 +43,13 @@ end
function parse_robtex_response(data) function parse_robtex_response(data)
local result = {} local result = {}
-- cut out the section we're interested in
data = data:match("<span id=\\\"sharednss?\\\">.-<ul.->(.-)</ul>")
if ( not(data) ) then if ( not(data) ) then
return return
end end
-- cut out the section we're interested in
data = data:match("<span id=\"sharednss\">.-<ul.->(.-)</ul>")
-- process each html list item -- process each html list item
for li in data:gmatch("<li>(.-)</li>") do for li in data:gmatch("<li>(.-)</li>") do
local domain = li:match("<a.->(.*)</a>") local domain = li:match("<a.->(.*)</a>")
@@ -65,34 +66,20 @@ local function lookup_dns_server(data)
end end
local function fetch_robtex_data(url) local function fetch_robtex_data(url)
local htmldata = http.get_url(url) local htmldata = http.get("www.robtex.com", 443, url)
if ( not(htmldata) or not(htmldata.body) ) then if ( not(htmldata) or not(htmldata.body) ) then
return return
end end
local url = htmldata.body:match("var%s*uurl%s*='([^']*)")
if ( not(url) ) then
return
end
-- retreive the url having the shared dns information
htmldata = http.get_url(url)
if ( not(htmldata) or not(htmldata.body) ) then
return
end
-- fixup line breaks
htmldata = htmldata.body:gsub("(.-)\\\r?\n", "%1")
-- fixup hex encodings -- fixup hex encodings
return unescape(htmldata) return unescape(htmldata.body)
end end
hostrule = function (host) return host.targetname end hostrule = function (host) return host.targetname end
action = function(host) action = function(host)
local base_url = "http://www.robtex.com/dns/%s.html" local base_url = "/dns/" .. host.targetname .. ".html"
local data = fetch_robtex_data(base_url:format(host.targetname)) local data = fetch_robtex_data(base_url)
local domains = parse_robtex_response(data) local domains = parse_robtex_response(data)
if ( not(domains) ) then if ( not(domains) ) then
@@ -103,6 +90,7 @@ action = function(host)
local url = base_url:format(server) local url = base_url:format(server)
stdnse.print_debug(2, "%s: Querying URL: %s", SCRIPT_NAME, url) stdnse.print_debug(2, "%s: Querying URL: %s", SCRIPT_NAME, url)
data = fetch_robtex_data(url) data = fetch_robtex_data(url)
domains = parse_robtex_response(data) domains = parse_robtex_response(data)
end end