Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] http-drupal-modules.nse
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 11 May 2012 17:21:26 +0200

On Fri, May 11, 2012 at 2:21 PM, Hani Benhabiles <kroosec () gmail com> wrote:

Hi list,

description = [[
Enumerates the installed Drupal modules by using a list of known modules.

The script works by requesting /sites/all/modules/MODULE_**
NAME/LICENSE.txt.
If the response status code is 200, it means that the module is installed.
By default, the script checks for the top 100 modules (by downloads),
given the huge number of existing modules (~10k).
]]

From what I have found so far, requesting the LICENSE.txt file is the best
option because it is added for every module uploaded on drupal.org(normal way to get drupal modules). Other possible 
options are:

- Requesting MODULE_NAME/ And checking against the status code of a
response for an obviously non-existing module request.

- Building a DB with records specific for each module (some modules have
.js, .css  files or subfolders etc...) which is cumbersome.

I have also attached a list of Drupal modules ranked by number of
downloads (extracted from [1]) that should be copied in nselib/data/

Any input is welcome.

[1] http://drupal.org/project/**usage <http://drupal.org/project/usage>

Cheers,
Hani.

--
Hani Benhabiles
President, OWASP Algeria Student Chapter
http://www.owaspalgeriasc.org
https://www.owasp.org/index.**php/Algeria_Student_Chapter<https://www.owasp.org/index.php/Algeria_Student_Chapter>
Email: hani.benhabiles () owasp org

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Hi Hani,

This looks like a useful script. I haven't tested it yet, but I looked
through it briefly and I think it could benefit from detecting a common
"problem" where errors or 404 are detected as 200 OK. The http-enum is
using http.identify_404 to do this.

I'll try to find a Drupal installation later today and give it a go.

Cheers,
Patrik
-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]