Script http-exif-spider

Script types: portrule
Categories: intrusive
Download: https://svn.nmap.org/nmap/scripts/http-exif-spider.nse

Script Summary

Spiders a site's images looking for interesting exif data embedded in .jpg files. Displays the make and model of the camera, the date the photo was taken, and the embedded geotag information.

Script Arguments

http-exif-spider.url

the url to start spidering. This is a URL relative to the scanned host eg. /default.html (default: /)

slaxml.debug

See the documentation for the slaxml library.

httpspider.doscraping, httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist, httpspider.url, httpspider.useheadfornonwebfiles, httpspider.withindomain, httpspider.withinhost

See the documentation for the httpspider library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script http-exif-spider -p80,443 <host>

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-exif-spider:
|   http://www.javaop.com/Nationalmuseum.jpg
|     Make: Canon
|     Model: Canon PowerShot S100\xB4
|     Date: 2003:03:29 13:35:40
|   http://www.javaop.com/topleft.jpg
|_    GPS: 49.941250,-97.206189 - https://maps.google.com/maps?q=49.94125,-97.20618863493

Requires

• shortport
• stdnse
• httpspider
• string
• table

---

Author:

• Ron Bowes

License: Same as Nmap--See https://nmap.org/book/man-legal.html