Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] http-useragent-tester.nse
From: Paulino Calderon <paulino () calderonpale com>
Date: Fri, 26 Jul 2013 12:26:07 -0500

On 07/25/2013 01:10 PM, George Chatzisofroniou wrote:
The attached script sets various User-Agent headers that are used by different
ultities and crawling libraries (for example CURL or wget). If a request is
redirected to a page different than a (valid) browser request would, that
means that this ultity is banned.

Here is an example of usage:

./nmap -p80 -n -Pn --script http-useragent-tester.nse some-very-random-page.com -d1

And the output:

  PORT   STATE SERVICE REASON
  80/tcp open  http    syn-ack
  | http-useragent-tester:
  |   libwww is not allowed: https://www.some-very-random-page.com/unsupportedbrowser
  |   lwp-trivial is allowed.
  |   libcurl-agent/1.0 is not allowed: https://www.some-very-random-page.com/unsupportedbrowser
  |   PHP/ is allowed.
  |   Python-urllib/2.5 is allowed.
  |   GT::WWW is allowed.
  |   Snoopy is allowed.
  |   MFC_Tear_Sample is allowed.
  |   HTTP::Lite is allowed.
  |   PHPCrawl is allowed.
  |   URI::Fetch is allowed.
  |   Zend_Http_Client is allowed.
  |   http client is allowed.
  |   PECL::HTTP is allowed.
  |   Wget/1.13.4 (linux-gnu) is not allowed: https://www.some-very-random-page.com/unsupportedbrowser
  |_  WWW-Mechanize/1.34 is allowed.

Also, a user may use the option 'useragents' to test her own User-Agent headers.

PS: The idea of setting various headers to discover anything about the host
comes from d33tah, so kudos to him as well.



_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Hi,

Have you considered including the capability of discovering new hosts with this script? I've encountered web servers that redirect you to different hosts depending on the UserAgent. It would be great to add a check for this and have the library "target" handle it.

Cheers.
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]