mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00
nmap/scripts/http-date.nse
david 40b0f784e7 Make http-date.nse capable of printing time differences in years. A web
server with a date in 2007 was producing the output

|_ http-date: Sun, 07 Jan 2007 08:17:36 GMT; -918d13h46m40s from local time.

Now it is

|_ http-date: Sun, 07 Jan 2007 09:01:44 GMT; -2y187d13h46m40s from local time.
2009-07-13 22:48:53 +00:00


-- Script metadata globals. The values are kept exactly as the author wrote
-- them; presumably the NSE loader and NSEDoc read them by name -- confirm
-- against the Nmap version in use.
description = [[
Gets the date from HTTP-like services. Also prints how much the date
differs from local time. Local time is the time the HTTP request was
sent, so the difference includes at least the duration of one RTT.
]]
---
-- @output
-- 80/tcp open http
-- |_ http-date: Mon, 13 Jul 2009 22:44:27 GMT; -5s from local time.
-- 80/tcp open http
-- |_ http-date: Sun, 07 Jan 2007 08:57:52 GMT; -2y187d13h46m40s from local time.

author = "David Fifield <david@bamsoftware.com>"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-- Declared as "discovery" and "safe". The only network activity visible in
-- this file is the single http.get for "/" issued by action.
categories = {"discovery", "safe"}
-- The return values are discarded: the code below reaches the modules through
-- the globals http and shortport, so both are assumed to register themselves
-- globally when loaded -- TODO confirm for the Nmap/Lua version in use.
require("http")
require("shortport")
-- Port selection is delegated to shortport.port_or_service, called with the
-- port numbers 80, 443, 631 and 8080 and the service names http, https, ipp
-- and http-alt.
portrule = shortport.port_or_service({80, 443, 631, 8080},
{"http", "https", "ipp", "http-alt"})
-- Render the signed distance between two broken-down dates as a compact
-- string. t2 and t1 are tables of the kind os.time accepts (year, month, day,
-- hour, min, sec); the result describes t2 relative to t1. Possible shapes
-- (the sign varies with the direction of the difference):
--   0s
--   -4s
--   +02m38s
--   -9h12m34s
--   +5d17h05m06s
--   -2y177d10h13m20s
--
-- Notes for callers:
--  * Both tables go through os.time, so they should carry the same isdst
--    setting; a mismatch could skew the result -- confirm against whatever
--    produces the tables.
--  * The year field of one argument is overwritten while the year count is
--    worked out and put back before returning. If os.time or os.difftime
--    raises in between (for instance on a date os.time cannot represent), the
--    caller's table is left with the modified year.
local function format_difftime(t2, t1)
  local delta = os.difftime(os.time(t2), os.time(t1))
  local sign = ""
  if delta > 0 then
    sign = "+"
  elseif delta < 0 then
    -- Work on the absolute difference: swap so that t2 is the later date.
    sign = "-"
    t1, t2 = t2, t1
    delta = -delta
  end

  -- From here on t2 is never earlier than t1.
  --
  -- Years cannot be derived from a fixed number of days: 2008-02-10 to
  -- 2009-02-10 spans 366 days because of the leap day, yet it has to be
  -- reported as one year and zero days. So t1 is moved forward to the latest
  -- year that still keeps it at or before t2 (t2's year, or the one before),
  -- the number of years skipped is remembered, and only the remainder is
  -- split into days, hours, minutes and seconds.
  local years = 0
  if t2.year > t1.year then
    local saved_year = t1.year
    t1.year = t2.year
    delta = os.difftime(os.time(t2), os.time(t1))
    if delta < 0 then
      -- Overshot t2; step back one year.
      t1.year = t2.year - 1
      delta = os.difftime(os.time(t2), os.time(t1))
    end
    years = t1.year - saved_year
    -- Restore the caller's table.
    t1.year = saved_year
  end

  -- Seconds only.
  local sec = delta % 60
  local rest = math.floor(delta / 60)
  if rest == 0 and years == 0 then
    return sign .. string.format("%gs", sec)
  end

  -- Minutes and seconds, both zero-padded from here on.
  local text = string.format("%02dm%02ds", rest % 60, sec)
  rest = math.floor(rest / 60)
  if rest == 0 and years == 0 then
    return sign .. text
  end

  -- Hours.
  text = string.format("%dh", rest % 24) .. text
  rest = math.floor(rest / 24)
  if rest == 0 and years == 0 then
    return sign .. text
  end

  -- Days, then years when at least one whole year was skipped.
  text = string.format("%dd", rest) .. text
  if years ~= 0 then
    text = string.format("%dy", years) .. text
  end
  return sign .. text
end
-- Script body: fetch "/" from the target and report the server's Date header
-- together with its offset from the local clock. Returns nothing when the
-- request produced no status, when the response has no Date header, or when
-- http.parse_date does not accept the header.
--
-- The Date header is controlled by the remote server and is copied into the
-- script output as received. The only gate visible here is that
-- http.parse_date returned a value for it; whether that rejects trailing or
-- non-printable bytes cannot be seen from this file -- confirm before treating
-- the reported string as clean in downstream tooling.
action = function(host, port)
  -- Local clock in UTC, sampled before the request goes out, so the reported
  -- difference includes at least one round trip.
  local request_date = os.date("!*t")

  local response = http.get(host, port, "/")
  local date_header = response.status and response.header["date"]
  if not date_header then
    return
  end

  local response_date = http.parse_date(date_header)
  if not response_date then
    return
  end

  -- Should account for estimated RTT too.
  local offset = format_difftime(response_date, request_date)
  return string.format("%s; %s from local time.", date_header, offset)
end