Script http-useragent-tester
Script types:
portrule
Categories:
discovery, safe
Download: https://svn.nmap.org/nmap/scripts/http-useragent-tester.nse
Script Summary
Checks if various crawling utilities are allowed by the host.
Script Arguments
- http-useragent-tester.useragents
A table with more User-Agent headers. Default: nil
- httpspider.doscraping, httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist, httpspider.url, httpspider.useheadfornonwebfiles, httpspider.withindomain, httpspider.withinhost
See the documentation for the httpspider library.
- smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.
- slaxml.debug
See the documentation for the slaxml library.
- max-newtargets, newtargets
See the documentation for the target library.
- http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent
See the documentation for the http library.
Example Usage
nmap -p80 --script http-useragent-tester.nse <host> This script sets various User-Agent headers that are used by different utilities and crawling libraries (for example CURL or wget). If the request is redirected to a page different than a (valid) browser request would be, that means that this utility is banned.
Script Output
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-useragent-tester: | Status for browser useragent: 200 | Redirected To: https://www.example.com/ | Allowed User Agents: | Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html) | libwww | lwp-trivial | libcurl-agent/1.0 | PHP/ | GT::WWW | Snoopy | MFC_Tear_Sample | HTTP::Lite | PHPCrawl | URI::Fetch | Zend_Http_Client | http client | PECL::HTTP | WWW-Mechanize/1.34 | Change in Status Code: | Python-urllib/2.5: 403 |_ Wget/1.13.4 (linux-gnu): 403
Requires
Author:
License: Same as Nmap--See https://nmap.org/book/man-legal.html