Nmap Development mailing list archives
Re: George's status report - #8 of 16
From: Patrick Donnelly <batrick () batbytes com>
Date: Tue, 30 Jul 2013 16:15:34 -0400
On Tue, Jul 30, 2013 at 4:00 PM, David Fifield <david () bamsoftware com> wrote:
On Tue, Jul 30, 2013 at 02:36:45PM -0400, Patrick Donnelly wrote:On Tue, Jul 30, 2013 at 2:04 PM, David Fifield <david () bamsoftware com> wrote:On Tue, Jul 30, 2013 at 02:53:30AM +0300, George Chatzisofroniou wrote:- Patrick mentioned an idea of a script that checks for common vhosts. I don't think that a script currently tells that.It might be this one: http://nmap.org/nsedoc/scripts/http-vhosts.htmlDavid, do you know if we have a script which actually tries a socket connection for various subdomains, instead of just changing the Host HTTP header?I don't know what you mean; http-vhosts checks for different names on a single IP; dns-brute checks for name resolution of common subdomains.
I'm mostly curious if there are different web servers for different sub-domains. How useful that is, I dunno. dns-brute looks good for the "finding sub-domain" step. I would envision a script dependent on those results which tries doing some simple http requests, if the IP addresses are different. [That might be breaking the tacit "scan only the target" contract for scripts though...] -- Patrick Donnelly _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- George's status report - #8 of 16 George Chatzisofroniou (Jul 29)
- Re: George's status report - #8 of 16 David Fifield (Jul 30)
- Re: George's status report - #8 of 16 Patrick Donnelly (Jul 30)
- Re: George's status report - #8 of 16 David Fifield (Jul 30)
- Re: George's status report - #8 of 16 Patrick Donnelly (Jul 30)
- Re: George's status report - #8 of 16 Patrick Donnelly (Jul 30)
- Re: George's status report - #8 of 16 David Fifield (Jul 30)