Nmap Development mailing list archives

Re: [NSE] new script - http-exif-spider


From: Patrik Karlsson <patrik () cqure net>
Date: Thu, 26 Jul 2012 15:29:00 +0200

On Thu, Jul 26, 2012 at 2:55 PM, Ron <ron () skullsecurity net> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey all,

I'm submitting a script that uses the httpspider library to find .jpg
files and then parses exif data to show the camera's make and model, the
date/time the photo was taken, and any geolocation data. This is the first
time using the httpspider library - and I've been up all night drinking
while writing it - so any comments are appreciated. :)

Here's some sample output:
- -- @output
- -- PORT   STATE SERVICE REASON
- -- 80/tcp open  http    syn-ack
- -- | http-exif-spider:
- -- |   http://www.javaop.com/Nationalmuseum.jpg
- -- |     Make: Canon
- -- |     Model: Canon PowerShot S100\xB4
- -- |     Date: 2003:03:29 13:35:40
- -- |   http://www.javaop.com/topleft.jpg
- -- |_    GPS: 49.941250,-97.206189 -
https://maps.google.com/maps?q=49.94125,-97.20618863493

Feel free to use javaop.com to test it out - I should have a couple
useful .jpg files linked at the top till I remember to remove them.

Thanks, and looking forward to seeing a bunch of you at Defcon!

Ron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAlARPlgACgkQ2t2zxlt4g/QirQCg2vfLntYR61MoQ0TJtkRQa2he
5ecAmQEkIxAmcO6kI92Gpn6mL32nN7Es
=seCx
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Cool script! Some comments after a very quick look:
There's some trailing byte \xB4 after the model, should it be there?
Would it make sense to remove the constants that are not being used?
Perhaps the script would benefit from a less restrictive blacklist,
permitting images, but blocking archives and other cruft?

The blacklist suggestion illustrates a shortcoming in the library itself,
as there is no easy way of removing an extension category or extension from
the default blacklist. So a custom blacklist would have to be loaded using
the addBlacklist method in the options class.

Cheers,
Patrik

-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
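
An added example (not code from this thread or from the http-exif-spider script): a minimal Python reader for the Make, Model and DateTime ASCII tags in a JPEG's Exif IFD0, useful for checking what metadata a published image exposes. It bounds each string by the entry's count and cuts it at the first NUL. The sample file is constructed, with a stray 0xB4 byte placed right after the Model string; the thread does not establish what caused the \xB4 in the script output.

```python
import struct

ASCII_TAGS = {0x010F: "Make", 0x0110: "Model", 0x0132: "Date"}

def find_exif(jpeg):
    """Return the TIFF block of the first APP1/Exif segment, or None."""
    if jpeg[:2] != b"\xff\xd8":  # missing JPEG start-of-image marker
        return None
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF and jpeg[pos + 1] != 0xDA:
        size = struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]  # includes itself
        body = jpeg[pos + 4:pos + 2 + size]
        if jpeg[pos + 1] == 0xE1 and body[:6] == b"Exif\x00\x00":
            return body[6:]
        pos += 2 + size
    return None

def exif_strings(jpeg):
    """Extract ASCII tags from IFD0, each bounded by its entry's count."""
    tiff = find_exif(jpeg)
    if tiff is None or tiff[:2] not in (b"II", b"MM"):
        return {}
    e = "<" if tiff[:2] == b"II" else ">"  # byte order of the TIFF block
    magic, ifd = struct.unpack(e + "HI", tiff[2:8])
    if magic != 42 or ifd + 2 > len(tiff):
        return {}
    (n,) = struct.unpack(e + "H", tiff[ifd:ifd + 2])
    out = {}
    for i in range(min(n, (len(tiff) - ifd - 2) // 12)):  # ignore truncated entries
        entry = tiff[ifd + 2 + 12 * i:ifd + 14 + 12 * i]
        tag, typ, count = struct.unpack(e + "HHI", entry[:8])
        if tag not in ASCII_TAGS or typ != 2:  # type 2 = ASCII
            continue
        # Values of 4 bytes or fewer are stored inline; longer ones at an offset.
        src, off = (entry, 8) if count <= 4 else (tiff, struct.unpack(e + "I", entry[8:12])[0])
        raw = src[off:off + count]  # never read past the declared count
        out[ASCII_TAGS[tag]] = raw.split(b"\x00", 1)[0].decode("ascii", "replace")
    return out

def sample_jpeg():
    """Constructed sample: the Model string is followed by a stray 0xB4 byte."""
    make, model = b"Canon\x00", b"Canon PowerShot S100\x00"
    off = 8 + 2 + 2 * 12 + 4  # TIFF header + entry count + 2 entries + next-IFD
    ifd = struct.pack("<HHHII", 2, 0x010F, 2, len(make), off)
    ifd += struct.pack("<HHII", 0x0110, 2, len(model), off + len(make))
    tiff = b"II" + struct.pack("<HI", 42, 8) + ifd + struct.pack("<I", 0) + make + model + b"\xb4"
    app1 = b"Exif\x00\x00" + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1 + b"\xff\xd9"
```
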