PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-27 01:49:03 +00:00
Code Issues Projects Releases Wiki Activity
Files
a44a66c68a188c5335f97fa7ba2d38cccc6c7684
nmap/scripts/robots.txt.nse
david 6fbc8868a9 Rename scripts (almost all of them) to make their names more consistent and 
make them look better in output. The full list of changes is
  anonFTP => ftp-anon
  ASN => asn-query
  brutePOP3 => pop3-brute
  bruteTelnet => telnet-brute
  daytimeTest => daytime
  dns-safe-recursion-port => dns-random-srcport
  dns-safe-recursion-txid => dns-random-txid
  dns-test-open-recursion => dns-recursion
  ftpbounce => ftp-bounce
  HTTPAuth => http-auth
  HTTP_open_proxy => http-open-proxy
  HTTPpasswd => http-passwd
  HTTPtrace => http-trace
  iax2Detect => iax2-version
  ircServerInfo => irc-info
  ircZombieTest => irc-zombie
  MSSQLm => ms-sql-info
  MySQLinfo => mysql-info
  popcapa => pop3-capabilities
  PPTPversion => pptp-version
  promiscuous => sniffer-detect
  RealVNC_auth_bypass => realvnc-auth-bypass
  robots => robots.txt
  showHTMLTitle => html-title
  showOwner => identd-owners
  skype_v2-version => skypev2-version
  smb-enumdomains => smb-enum-domains
  smb-enumsessions => smb-enum-sessions
  smb-enumshares => smb-enum-shares
  smb-enumusers => smb-enum-users
  smb-serverstats => smb-server-stats
  smb-systeminfo => smb-system-info
  SMTPcommands => smtp-commands
  SMTP_openrelay_test => smtp-open-relay
  SNMPcommunitybrute => snmp-brute
  SNMPsysdescr => snmp-sysdescr
  SQLInject => sql-injection
  SSH-hostkey => ssh-hostkey
  SSHv1-support => sshv1
  SSLv2-support => sslv2
  strangeSMTPport => smtp-strangeport
  UPnP-info => upnp-info
  xamppDefaultPass => xampp-default-auth
  zoneTrans => zone-transfer
2008-11-06 02:52:59 +00:00

108 lines
2.6 KiB
Lua
Raw Blame History

description = [[
Checks for disallowed entries in <code>robots.txt</code>.
The higher the verbosity or debug level, the more disallowed entries are shown.
]]
---
--@output
-- 80/tcp open http syn-ack
-- | robots.txt: has 156 disallowed entries (40 shown)
-- | /news?output=xhtml& /search /groups /images /catalogs
-- | /catalogues /news /nwshp /news?btcid=*& /news?btaid=*&
-- | /setnewsprefs? /index.html? /? /addurl/image? /pagead/ /relpage/
-- | /relcontent /sorry/ /imgres /keyword/ /u/ /univ/ /cobrand /custom
-- | /advanced_group_search /googlesite /preferences /setprefs /swr /url /default
-- | /m? /m/? /m/lcb /m/news? /m/setnewsprefs? /m/search? /wml?
-- |_ /wml/? /wml/search?
require('shortport')
require('strbuf')
require('http')
author = "Eddie Bell <ejlbell@gmail.com>"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"default", "safe"}
runlevel = 1.0
portrule = shortport.port_or_service({80, 8080}, {"http"})
local last_len = 0
-- split the output in 50 character length lines
local function buildOutput(output, w)
if w:len() == 0 then
return nil
end
-- check for duplicates
for i,v in ipairs(output) do
if w == v or w == v:sub(2, v:len()) then
return nil
end
end
-- format lines
if last_len == 0 or last_len + w:len() <= 50 then
last_len = last_len + w:len()
nl = ''
else
last_len = 0
nl = '\n'
end
output = output .. (nl .. w)
end
-- parse all disallowed entries in body and add them to a strbuf
local function parse_robots(body, output)
for line in body:gmatch("[^\r\n]+") do
for w in line:gmatch('[Dd]isallow:%s*(.*)') do
w = w:gsub("%s*#.*", "")
buildOutput(output, w)
end
end
return #output
end
action = function(host, port)
local answer = http.get(host, port, "/robots.txt" )
if answer.status ~= 200 then
return nil
end
local v_level = nmap.verbosity() + (nmap.debugging()*2)
local output = strbuf.new()
local detail = 15
dis_count = parse_robots(answer.body, output)
if dis_count == 0 then
return "is empty or has no disallowed entries"
end
-- verbose/debug mode, print 50 entries
if v_level > 1 and v_level < 5 then
detail = 40
-- double debug mode, print everything
elseif v_level >= 5 then
detail = dis_count
end
-- check we have enough entries
if detail > dis_count then
detail = dis_count
end
noun = dis_count == 1 and "entry " or "entries "
shown = (detail == 0 or detail == dis_count)
and "\n" or '(' .. detail .. ' shown)\n'
return "has " .. dis_count .. " disallowed " .. noun ..
shown .. table.concat(output, ' ', 1, detail)
end
Reference in New Issue View Git Blame Copy Permalink