Nmap Development mailing list archives
[NSE] Two new scripts: http-google-email and http-reverse-ip
From: Shinnok <admin () shinnok com>
Date: Thu, 28 Jul 2011 00:01:09 +0300
Hi nmap-dev,

As stated in some of my previous e-mails, I started tinkering with NSE and Lua a bit, just so I don't miss this part of Nmap fun, and I want to share with you two scripts I've written:

1. Google Web Search and Google Groups Search e-mail discovery

This one attempts to search for e-mails pertaining to a specific domain in Google's Web search engine (google.com) and Google Groups search engine (groups.google.com).

Sample output:

./nmap -p80 --script http-google-email insecure.org

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-07-27 23:53 EEST
Nmap scan report for insecure.org (74.207.254.18)
Host is up (0.19s latency).
rDNS record for 74.207.254.18: web.insecure.org
PORT   STATE SERVICE
80/tcp open  http
| http-google-email:
| nmap-dev () insecure org
| nmap-svn () insecure org
|_fyodor () insecure org

Nmap done: 1 IP address (1 host up) scanned in 4.01 seconds

2. Reverse domain IP lookup using Bing

This one attempts to find domains that are hosted on a specific IP address using Bing's ip: operator.

Sample output:

./nmap -p80 --script http-reverse-ip insecure.org

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-07-27 23:55 EEST
Nmap scan report for insecure.org (74.207.254.18)
Host is up (0.20s latency).
rDNS record for 74.207.254.18: web.insecure.org
PORT   STATE SERVICE
80/tcp open  http
| http-reverse-ip:
| nmap.org
| insecure.org
| secwiki.org
|_images.insecure.org

Nmap done: 1 IP address (1 host up) scanned in 1.75 seconds

They both take a "pages" argument that specifies the number of results pages to request from search engines (the default is 5) and a domain and host argument respectively, that can be used to query a different target than the one nmap scans.

I used http-google-malware.nse as a reference and the results are far from perfect, and since they are my first attempts at NSE I welcome suggestions, improvements and conformance hints.

Thanks,
Shinnok
Attachment: http-google-email.nse
Attachment: http-reverse-ip.nse
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
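
For reviewing what these two scripts report about your own hosts, the sketch below parses the `|` / `|_` script blocks from Nmap's normal output and flags co-hosted names that are not in an asset inventory. It is an added example, not part of the original post or the attached scripts; the function names, the inventory and the combined sample block are constructed, and the "user () domain tld" address form is assumed to be the archive's mangling.

```python
import re

# Constructed input: the two script blocks from the sample output in the
# message, shown under one port as Nmap prints them when both scripts run.
SAMPLE = """\
Nmap scan report for insecure.org (74.207.254.18)
PORT   STATE SERVICE
80/tcp open  http
| http-google-email:
| nmap-dev () insecure org
| nmap-svn () insecure org
|_fyodor () insecure org
| http-reverse-ip:
| nmap.org
| insecure.org
| secwiki.org
|_images.insecure.org
"""
PORT_RE = re.compile(r"^(\d+/(?:tcp|udp))\s+\S+")
HEAD_RE = re.compile(r"^\|[_ ]([\w-]+):\s*(.*)$")

def parse_scripts(text):
    """Return {port: {script_id: [lines]}} for one host's normal output."""
    out, port, script = {}, None, None
    for line in text.splitlines():
        m = PORT_RE.match(line)
        if m:
            port, script = m.group(1), None
            out[port] = {}
        elif port and line.startswith("|"):
            head = HEAD_RE.match(line)
            if script is None and head:       # "| id:" opens a block
                script = head.group(1)
                out[port][script] = [head.group(2)] if head.group(2) else []
            elif script is not None:          # body line of the open block
                out[port][script].append(line[2:].strip())
            if line.startswith("|_"):         # "|_" marks the block's last line
                script = None
    return out

def unmangle(addr):
    """Undo the archive's 'user () domain tld' address mangling (assumed form)."""
    local, sep, domain = addr.partition(" () ")
    return f"{local}@{'.'.join(domain.split())}" if sep else addr

def review(text, inventory, port="80/tcp"):
    """Indexed addresses, and co-hosted names missing from the inventory."""
    scripts = parse_scripts(text).get(port, {})
    emails = sorted(unmangle(a) for a in scripts.get("http-google-email", []))
    unknown = sorted(set(scripts.get("http-reverse-ip", [])) - set(inventory))
    return emails, unknown
```

Calling `review(SAMPLE, inventory)` with the set of hostnames you expect on the address returns the publicly indexed mailboxes and any virtual hosts on the same IP that the inventory does not account for.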