Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File http-devframework

Script types: portrule
Categories: discovery, intrusive
Download: http://nmap.org/svn/scripts/http-devframework.nse

User Summary

Tries to find out the technology behind the target website.

The script checks for certain defaults that might not have been changed, like common headers or URLs or HTML content.

While the script does some guessing, note that overall there's no way to determine what technologies a given site is using.

You can help improve this script by adding new entries to nselib/data/http-devframework-fingerprints.lua

Each entry must have:

  • rapidDetect - Callback function that is called in the beginning
of detection process. It takes the host and port of target website as arguments.
  • consumingDetect - Callback function that is called for each
spidered page. It takes the body of the response (HTML code) and the requested path as arguments.

Note that the consumingDetect callback will not take place only if rapid option is enabled.

Script Arguments

http-errors.rapid

boolean value that determines if a rapid detection should take place. The main difference of a rapid vs a lengthy detection is that second one requires crawling through the website. Default: false (lengthy detection is performed)

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

httpspider.doscraping, httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist, httpspider.url, httpspider.useheadfornonwebfiles, httpspider.withindomain, httpspider.withinhost

See the documentation for the httpspider library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

unittest.run

See the documentation for the unittest library.

Example Usage

nmap -p80 --script http-devframework.nse <target>

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
|_http-devframework: Django detected. Found Django admin login page on /admin/

Requires


Author: George Chatzisofroniou

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]