Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File http-vhosts

Script types: portrule
Categories: discovery, intrusive
Download: http://nmap.org/svn/scripts/http-vhosts.nse

User Summary

Searches for web virtual hostnames by making a large number of HEAD requests against http servers using common hostnames.

Each HEAD request provides a different Host header. The hostnames come from a built-in default list. Shows the names that return a document. Also shows the location of redirections.

The domain can be given as the http-vhosts.domain argument or deduced from the target's name. For example when scanning www.example.com, various names of the form <name>.example.com are tried.

Script Arguments

http-vhosts.filelist

file with the vhosts to try. Default nselib/data/vhosts-default.lst

http-vhosts.collapse

The limit to start collapsing results by status code. Default 20

http-vhosts.path

The path to try to retrieve. Default /.

http-vhosts.domain

The domain that hostnames will be prepended to, for example example.com yields www.example.com, www2.example.com, etc. If not provided, a guess is made based on the hostname.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script http-vhosts -p 80,8080,443 <target>

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-vhosts:
| example.com: 301 -> http://www.example.com/
| www.example.com: 200
| docs.example.com: 302 -> https://www.example.com/docs/
|_images.example.com: 200

Requires


Author: Carlos Pantelides

License: Same as Nmap--See http://nmap.org/book/man-legal.html

action

action (host, port)

Script action

Parameters

  • host: table
  • port: table

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault