mailing list archives
[NSE] New script http-backup-finder
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 10 Dec 2011 11:37:01 +0100
I've made a bunch of improvements to the httpspider, made some changes to
the http-email-harvest script and just commited a new script called
The new scripts crawls a site and then attempts to find backup files by
requesting known backup patterns eg: index.html~, index.bak etc.
I noticed some weird responses on some systems claiming to have files based
on the Mac OS pattern "index copy.html".
In all cases so far, this has been a symptom of mod_negotiation triggering
for some reason, returning the index.html page instead.
Don't know what to make of this, except for maybe escaping the url so that
it would become "index%20copy.htm" instead, as this does not trigger
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
- [NSE] New script http-backup-finder Patrik Karlsson (Dec 10)