Nmap Development mailing list archives

Re: [NSE script] http-robtex-shared-ns-domains.nse
From: David Fifield <david () bamsoftware com>
Date: Mon, 9 Apr 2012 00:26:41 -0700

On Mon, Apr 09, 2012 at 09:22:56AM +0200, Patrik Karlsson wrote:
> On Mon, Apr 9, 2012 at 8:38 AM, David Fifield <david () bamsoftware com> wrote:
>
>> On Tue, Apr 03, 2012 at 06:15:36PM -0700, David Fifield wrote:
>>> On Tue, Apr 03, 2012 at 03:39:56PM -0300, Arturo 'Buanzo' Busleiman wrote:
>>>> Hi, just a quick script I hacked out of http-robtex-reverse-ip.nse:
>>>>
>>>> buanzo () murray: nse$ nmap --script http-robtex-shared-domains.nse
>>>> --script-args http-robtex-shared-domains.host=buanzo.com.ar
>>>>
>>>> Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-04-03 11:36 PDT
>>>> Pre-scan script results:
>>>> | http-robtex-shared-domains:
>>>> |   buanzo.org
>>>> |   mailfighter.net
>>>> |_   asadoresdelplata.com
>>>
>>> Maybe this should be hostmap-robtex.nse? We already have hostmap.nse,
>>> which uses a different service. Having different scripts for different
>>> sources is what we do for the ip-geolocation-* scripts. On the other
>>> hand, people might find it more useful for all the sources to be
>>> consolidated in one hostmap.nse.
>>
>> I just added this as hostmap-robtex. I moved the existing hostmap to
>> hostmap-bfk.
>>
>> I noticed that the pattern seems to be too strict and it's missing
>> domains that I can see in a web browser. For example I get no output for
>> example.com. The pattern is
>>        "<a href=\"(.-)\.html#shared\" title=\"using ns (.-)\">(.-)</a>"
>> But the HTML I see in the page is more like
>> (http://www.robtex.com/ip/192.0.43.10.html)
>>        <a href="/dns/example.edu.html#shared">example.edu</a>
>> Do you see this too?
>
> Also, I couldn't get the script to work with the host argument (as
> documented usage), which I prefer, as it's an easy way to get the script
> results without having to send any data to the target. An alternative is me
> learning to use -sn -Pn I guess? :)

Thanks, I removed that argument but I missed it in the @usage. I want
the interface to be mostly uniform with hostmap-bfk.nse. Yes, -sn -Pn is
the answer.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
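
The pattern mismatch discussed in this thread, as an added example that is not part of the original messages or of hostmap-robtex.nse: it runs the quoted pattern and a relaxed one over the same HTML to show which anchors each one picks up. The sample HTML is constructed, and the relaxed pattern and the hostname filter are assumptions about one way to tolerate anchors that carry no title attribute.

```lua
-- Added example, not code from hostmap-robtex.nse. SAMPLE is constructed input.

-- The thread's pattern as Lua 5.1 reads it (the "\." escape is a plain "."):
local STRICT = '<a href="(.-).html#shared" title="using ns (.-)">(.-)</a>'

-- Assumed relaxed form: the href may not contain a quote, any attributes may
-- follow it, and only the link text is captured.
local RELAXED = '<a href="[^"]-%.html#shared"[^>]*>([^<]+)</a>'

local SAMPLE = [[
<a href="/dns/example.edu.html#shared">example.edu</a>
<a href="/dns/example.net.html#shared" title="using ns ns1.example.net">example.net</a>
<a href="/dns/example.org.html#records">example.org</a>
]]

-- Scraped HTML is untrusted input: keep only strings shaped like hostnames
-- before they reach the script output.
local function is_hostname(s)
  return #s <= 253 and s:match("^[%w%-]+%.[%w%.%-]+$") ~= nil
end

-- Strict pattern: the third capture is the link text. Because "(.-)" can
-- span quotes and newlines, a failed match on one anchor runs on into the next.
local function extract_strict(html)
  local out = {}
  for _, _, domain in html:gmatch(STRICT) do
    out[#out + 1] = domain
  end
  return out
end

-- Relaxed pattern: each match stays inside a single anchor element.
local function extract_relaxed(html)
  local out = {}
  for domain in html:gmatch(RELAXED) do
    if is_hostname(domain) then
      out[#out + 1] = domain
    end
  end
  return out
end

print("strict :", table.concat(extract_strict(SAMPLE), ", "))
print("relaxed:", table.concat(extract_relaxed(SAMPLE), ", "))
```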

