http-generator NSE Script

Displays the contents of the "generator" meta tag of a web page default: / if there is one. Script Arguments http-generator.path Specify the path you want to check for a generator meta tag default to '/'. http-generator.redirects Specify the maximum number of redirects to follow defaults to 3...

reverse-index NSE Script

Creates a reverse index at the end of scan output showing which hosts run a particular service. This is in addition to Nmap's normal output listing the services on each host. Script Arguments reverse-index.mode the output display mode, can be either horizontal or vertical default: horizontal...

http-put NSE Script

Uploads a local file to a remote web server using the HTTP PUT method. You must specify the filename and URL path with NSE arguments. Script Arguments http-put.file - The full path to the local file that should be uploaded to the server http-put.url - The remote directory and filename to store...

http-vuln-cve2011-3192 NSE Script

Detects a denial of service vulnerability in the way the Apache web server handles requests for multiple overlapping/simple ranges of a page. References: See also: http-slowloris-check.nse http-slowloris.nse Script Arguments http-vuln-cve2011-3192.path Define the request path...

dns-update NSE Script

Attempts to perform a dynamic DNS update without authentication. Either the test or both the hostname and ip script arguments are required. Note that the test function will probably fail due to using a static zone name that is not the zone configured on your target. Script Arguments dns-update.te...

resolveall NSE Script

NOTE: This script has been replaced by the --resolve-all command-line option in Nmap 7.70 Resolves hostnames and adds every address IPv4 or IPv6, depending on Nmap mode to Nmap's target list. This differs from Nmap's normal host resolution process, which only scans the first address A or AAAA...

ms-sql-query NSE Script

Runs a query against Microsoft SQL Server ms-sql. SQL Server credentials required: Yes use ms-sql-brute, ms-sql-empty-password and/or mssql.username & mssql.password Run criteria: Host script: Will run if the mssql.instance-all, mssql.instance-name or mssql.instance-port script arguments are used...

ldap-search NSE Script

Attempts to perform an LDAP search and returns all matches. If no username and password is supplied to the script the Nmap registry is consulted. If the ldap-brute script has been selected and it found a valid account, this account will be used. If not anonymous bind will be used as a last attemp...

http-methods NSE Script

Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods. It tests those methods not mentioned in the OPTIONS headers individually and sees if they are implemented. Any output other than 501/405 suggests that the method is if not in the...

asn-query NSE Script

Maps IP addresses to autonomous system AS numbers. The script works by sending DNS TXT queries to a DNS server which in turn queries a third-party service provided by Team Cymru using an in-addr.arpa style zone set up especially for use by Nmap. The responses to these queries contain both Origin...

ftp-anon NSE Script

Checks if an FTP server allows anonymous logins. If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files. See also: ftp-brute.nse Script Arguments ftp-anon.maxlist The maximum number of files to return in the directory listing. By default it is 20, o...

http-open-proxy NSE Script

Checks if an HTTP proxy is open. The script attempts to connect to www.google.com through the proxy and checks for a valid HTTP response code. Valid HTTP response codes are 200, 301, and 302. If the target is an open proxy, this script causes the target to retrieve a web page from www.google.com...

corehttp-overflow.txt

/ corehttpv0.5.3alpha: httpd remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xcorehttp.c -o xcorehttp syntax: ./xcorehttp -r -h host -p port corehttp homepage/url: http://corehttp.sourceforge.net/ bughttp.c:...