Script http-affiliate-id

Script types:
Categories: safe, discovery
Download: https://svn.nmap.org/nmap/scripts/http-affiliate-id.nse

Script Summary

Grabs affiliate network IDs (e.g. Google AdSense or Analytics, Amazon Associates, etc.) from a web page. These can be used to identify pages with the same owner.

If there is more than one target using an ID, the postrule of this script shows the ID along with a list of the targets using it.

Supported IDs:

• Google Analytics
• Google AdSense
• Amazon Associates

Script Arguments

http-affiliate-id.url-path

The path to request. Defaults to /.

slaxml.debug

See the documentation for the slaxml library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

Example Usage

nmap --script=http-affiliate-id.nse --script-args http-affiliate-id.url-path=/website <target>

Script Output

PORT   STATE SERVICE
80/tcp open  http
| http-affiliate-id:
|   Amazon Associates ID: XXXX-XX
|   Google Adsense ID: pub-YYYY
|_  Google Analytics ID: UA-ZZZZ-ZZ
Post-scan script results:
| http-affiliate-id: Possible related sites
| Google Analytics ID: UA-2460010-99 used by:
|   thisisphotobomb.memebase.com:80/
|   memebase.com:80/
| Google Adsense ID: pub-0766144451700556 used by:
|   thisisphotobomb.memebase.com:80/
|_  memebase.com:80/

Requires

• http
• nmap
• re
• shortport
• stdnse
• table
• tableaux

---

Authors:

• Hani Benhabiles
• Daniel Miller
• Patrick Donnelly

License: Same as Nmap--See https://nmap.org/book/man-legal.html