Nmap Development mailing list archives
Re: [NSE] new script - http-vlc
From: David Fifield <david () bamsoftware com>
Date: Fri, 27 Jul 2012 12:38:09 -0700
On Thu, Jul 26, 2012 at 05:25:46AM -0700, Alex Weber wrote:
Hi list, https://raw.github.com/AlexWebr/nse/master/http-vlc.nse Looks for VLC with an open web interface and tries to get the title/artist of the currently playing media. Also detects an old VLC bug - in version 1.* (fixed now), if you enabled web access, the default access list specified local connections only, but the (XML) API was still accessible remotely. -- @output -- PORT STATE SERVICE -- 80/tcp open http -- 8080/tcp open http-proxy -- | http-vlc: -- | VLC web interface (XML API) found -- | Old/insecure version of VLC! XML API access available, -- | even though web interface is configured for local access only. -- |_ -> Nothing playing right now Comments welcome - this was written at 3am, and could very well be unneeded/stupid/incomplete.
Hi Alex, thanks for this script. I'm curious to see what the above output looks like in addition to version detection (-sV)? David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] new script - http-vlc Alex Weber (Jul 26)
- Re: [NSE] new script - http-vlc David Fifield (Jul 27)
- Re: [NSE] new script - http-vlc David Fifield (Sep 07)
- Re: [NSE] new script - http-vlc Alex Weber (Sep 07)
- Re: [NSE] new script - http-vlc David Fifield (Sep 07)
- Re: [NSE] new script - http-vlc David Fifield (Jul 27)