File http-grep
Script types:
portrule
Categories:
discovery, safe
Download: http://nmap.org/svn/scripts/http-grep.nse
User Summary
Spiders a website and attempts to match all pages and urls against a given string. Matches are counted and grouped per url under which they were discovered.
Script Arguments
http-grep.maxdepth
the maximum amount of directories beneath the initial url to spider. A negative value disables the limit. (default: 3)
http-grep.withinhost
only spider URLs within the same host. (default: true)
http-grep.withindomain
only spider URLs within the same
domain. This widens the scope from withinhost and can
not be used in combination. (default: false)
http-grep.match
the string to match in urls and page contents
http-grep.maxpagecount
the maximum amount of pages to visit. A negative value disables the limit (default: 20)
http-grep.url
the url to start spidering. This is a URL relative to the scanned host eg. /default.html (default: /)
httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist, httpspider.url, httpspider.useheadfornonwebfiles, httpspider.withindomain, httpspider.withinhost
See the documentation for the httpspider library.smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent
See the documentation for the http library.Example Usage
nmap -p 80 www.example.com --script http-grep --script-args='http-grep.match="[A-Za-z0-9%.%%%+%-]+@[A-Za-z0-9%.%%%+%-]+%.%w%w%w?%w?",http-grep.breakonmatch'
Script Output
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-grep: | (4) http://example.com/name/ | + name@example.com | + name@example.com | + name@example.com | + name@example.com | (4) http://example.com/sales.html | + sales@example.com | + sales@example.com | + sales@example.com |__ + sales@example.com
Requires
Author: Patrik Karlsson
License: Same as Nmap--See http://nmap.org/book/man-legal.html