Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File http-referer-checker

Script types: portrule
Categories: discovery, safe
Download: http://nmap.org/svn/scripts/http-referer-checker.nse

User Summary

Informs about cross-domain include of scripts. Websites that include external javascript scripts are delegating part of their security to third-party entities.

Script Arguments

httpspider.doscraping, httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist, httpspider.url, httpspider.useheadfornonwebfiles, httpspider.withindomain, httpspider.withinhost

See the documentation for the httpspider library.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap -p80 --script http-referer-checker.nse <host>

This script informs about cross-domain include of scripts by
finding src attributes that point to a different domain.

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-referer-checker:
| Spidering limited to: maxdepth=3; maxpagecount=20;
|   http://css3-mediaqueries-js.googlecode.com/svn/trunk/css3-mediaqueries.js
|_  http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js?ver=3.4.2

Requires


Author: George Chatzisofroniou

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault