![]() ![]() For brute forcing scripts, we will need additional parameter. But what about this authorization required here? Can we do something about it using scripts? Of course. ![]() This is not useful for us in this particular case. This script potentially will give us more information on big sites. Let’s use an additional interesting script. This script is actually using authentication to just gather some credentials and ask for credentials. Why? Because separate location has the PHP script inside and Apache is using PHP interpreter. It’s getting a pop up for credentials and on port 8000 we have directory listing. This is a feature from Apache web server that has a purpose of giving us some statistical information for Apache.īut the second one, let’s see. ![]() We have different behavior because Apache web server gives us server status location and also responded with Authorization Required for separate location. Like what commonly used files are there, maybe locations and also we have here something interesting. This script gives us more information about what’s going on, on the web server part. Let’s narrow down our scans only to web services and use the first script called http-enumeration, enum. We have different services like SSH, DNS, Apache web server. Hope this will not last long … All right. I will also publish them using Python module and let’s, for a start, run a normal version detection scan. I have here some files that are published using Apache http server. We have categories like discovery, DOS, intrusive, auth, brute and a special category called default, which includes specially selected scripts which are safe and most commonly used. Service scripts are scripts that run against specific services listening on the target hosts. Host scripts are executed after Nmap has performed normal operations such as host discovery, port scanning, version detection. Prerule and postrule scripts run before and after Nmap has scanned all of its targets. HWInternally, scripts are divided into four types: prerule scripts, host scripts, service scripts and postrule scripts. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |