Nmap Development mailing list archives
Re: [NSE] http-feed.nse
From: David Fifield <david () bamsoftware com>
Date: Fri, 16 Aug 2013 20:38:21 -0700
On Mon, Aug 12, 2013 at 07:04:41PM +0300, George Chatzisofroniou wrote:
The attached script crawls through the website and performs some pattern-matching to find any rss or atom feeds. This is pretty useful when testing the target for feed injection or to determine the underlying framework based on the feed generator. There are no options, so you run the script as follows: ./nmap -p80 -n -Pn --script http-feed some-random-page.com -d1 The output looks like this: PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-feed: | Spidering limited to: maxpagecount=40; withinhost=some-random-page.com | Found the following feeds: | RSS (version 2.0): http://www.some-random-page.com/2011/11/20/feed/ | RSS (version 2.0): http://www.some-random-page.com/2011/12/04/feed/ | RSS (version 2.0): http://www.some-random-page.com/category/animalsfeed/ | RSS (version 2.0): http://www.some-random-page.com/comments/feed/ |_ RSS (version 2.0): http://www.some-random-page.com/feed/ Note that for large web applications, you will have to increase httpspider's 'maxpagecount' value (for example, to a value above 100). But beware because the script will become more intrusive.
I tried against sectools.org. It found the aggregate feed of all comments, but not any feeds for individual tools like http://sectools.org/tool/netcat/feed/. ./nmap --script http-feed -p80 sectools.org --script-args maxpagecount=10 -d PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-feed: | Spidering limited to: maxpagecount=40; withinhost=sectools.org | Found the following feeds: |_ RSS (version 2.0): http://sectools.org/feed/ It didn't find feeds at secwiki.org. It doesn't seem to understand this markup on the home page. <link rel="alternate" type="application/atom+xml" title="SecWiki Atom feed" href="/mediawiki/index.php?title=Special:RecentChanges&feed=atom" /> ./nmap --script http-feed -p443 secwiki.org --script-args maxpagecount=100 -d PORT STATE SERVICE REASON 443/tcp open https syn-ack |_http-feed: Couldn't find any feeds. David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] http-feed.nse George Chatzisofroniou (Aug 12)
- Re: [NSE] http-feed.nse David Fifield (Aug 16)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 17)
- Re: [NSE] http-feed.nse David Fifield (Aug 17)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 17)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 17)
- Re: [NSE] http-feed.nse David Fifield (Aug 16)
- Re: [NSE] http-feed.nse George Chatzisofroniou (Aug 22)