http-apache-negotiation
脚本使用类型:
portrule
脚本所属分类:
safe, discovery
脚本下载地址: http://nmap.org/svn/scripts/http-apache-negotiation.nse
Checks if the target http server has mod_negotiation enabled. This feature can be leveraged to find hidden resources and spider a web site using fewer requests.
The script works by sending requests for resources like index and home without specifying the extension. If mod_negotiate is enabled (default Apache configuration), the target would reply with content-location header containing target resource (such as index.html) and vary header containing "negotiate" depending on the configuration.
For more information, see:
target web site root.
Defaults to /
.
执行格式
nmap --script=http-apache-negotiation --script-args http-apache-negotiation.root=/root/ <target>
PORT STATE SERVICE 80/tcp open http |_http-apache-negotiation: mod_negotiation enabled.
Author: Hani Benhabiles
License: VER007 整理 http://www.ver007.com