http-drupal-modules
脚本使用类型:
portrule
脚本所属分类:
discovery, intrusive
脚本下载地址: http://nmap.org/svn/scripts/http-drupal-modules.nse
Enumerates the installed Drupal modules by using a list of known modules.
The script works by iterating over module names and requesting MODULES_PATH/MODULE_NAME/LICENSE.txt. MODULES_PATH is either provied by the user, grepped for in the html body or defaulting to sites/all/modules/. If the response status code is 200, it means that the module is installed. By default, the script checks for the top 100 modules (by downloads), given the huge number of existing modules (~10k).
The base path. Defaults to /
.
Number of modules to check.
Use this option with a number or "all" as an argument to test for all modules.
Defaults to 100
.
The path to the modules folder. If not set, the script will try to
find the path or default to sites/all/modules/
执行格式
nmap --script=http-drupal-modules --script-args http-drupal-modules.root="/path/",http-drupal-modules.number=1000 <targets>
Interesting ports on my.woot.blog (123.123.123.123): PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-drupal-modules: | views | token | cck | pathauto | ctools | admin_menu | imageapi | filefield | date | imagecache | imagefield | google_analytics | webform | jquery_ui |_ link
Author: Hani Benhabiles
License: VER007 整理 http://www.ver007.com