Script http-feed

Script types: portrule
Categories: discovery, intrusive
Download: https://svn.nmap.org/nmap/scripts/http-feed.nse

Script Summary

This script crawls through the website to find any rss or atom feeds.

The script, by default, spiders and searches within forty pages. For large web applications make sure to increase httpspider's maxpagecount value. Please, note that the script will become more intrusive though.

Script Arguments

slaxml.debug

See the documentation for the slaxml library.

httpspider.doscraping, httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist, httpspider.url, httpspider.useheadfornonwebfiles, httpspider.withindomain, httpspider.withinhost

See the documentation for the httpspider library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap -p80 --script http-feed.nse <target>

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-feed:
| Spidering limited to: maxpagecount=40; withinhost=some-random-page.com
|   Found the following feeds:
|     RSS (version 2.0): http://www.some-random-page.com/2011/11/20/feed/
|     RSS (version 2.0): http://www.some-random-page.com/2011/12/04/feed/
|     RSS (version 2.0): http://www.some-random-page.com/category/animalsfeed/
|     RSS (version 2.0): http://www.some-random-page.com/comments/feed/
|_    RSS (version 2.0): http://www.some-random-page.com/feed/

Requires

• http
• shortport
• stdnse
• table
• string
• httpspider

---

Author:

• George Chatzisofroniou

License: Same as Nmap--See https://nmap.org/book/man-legal.html