Nmap Development mailing list archives
[NSE] Script Submission: HTTP Authentication Discovery
From: Gabriel de Lima Monteiro <gabriel.dlm () fisica if uff br>
Date: Wed, 23 Apr 2014 00:44:51 -0300
Hello, Attached is a NSE implementation to http authentication discovery script that check if a page has a simple login page. It simply check if the server return the 401 code. Example $ nmap -p80 --open --script=http-auth-discovery.nse 192.168.25.1-255 Starting Nmap 6.46 ( http://nmap.org ) at 2014-04-23 00:32 BRT Nmap scan report for PowerBox.home (192.168.25.1) Host is up (0.017s latency). PORT STATE SERVICE 80/tcp open http |_http-auth-discovery: HTTP authentication found Nmap scan report for new-host-4.home (192.168.25.5) Host is up (0.012s latency). PORT STATE SERVICE 80/tcp open http Nmap done: 255 IP addresses (6 hosts up) scanned in 4.87 seconds I find this useful to search for web authentication on very large scans. Cheers, Gabriel
Attachment:
http-auth-discovery.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Script Submission: HTTP Authentication Discovery Gabriel de Lima Monteiro (Apr 22)
- Re: [NSE] Script Submission: HTTP Authentication Discovery George Chatzisofroniou (Apr 23)