HOME>>>>>>>>>

File `http-google-malware`

脚本使用类型: portrule
脚本所属分类: malware, discovery, safe, external
脚本下载地址: http://nmap.org/svn/scripts/http-google-malware.nse

User Summary

Checks if hosts are on Google's blacklist of suspected malware and phishing servers. These lists are constantly updated and are part of Google's Safe Browsing service.

To do this the script queries the Google's Safe Browsing service and you need to have your own API key to access Google's Safe Browsing Lookup services. Sign up for yours at http://code.google.com/apis/safebrowsing/key_signup.html

To learn more about Google's Safe Browsing:

http://code.google.com/apis/safebrowsing/

To register and get your personal API key:

http://code.google.com/apis/safebrowsing/key_signup.html

Script Arguments

http-google-malware.url

URL to check. Default: http/https://host

http-google-malware.api

API key for Google's Safe Browsing Lookup service

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

Example Usage

执行格式

nmap -p80 --script http-google-malware <host>

Script Output

PORT   STATE SERVICE
80/tcp open  http
|_http-google-malware.nse: Host is known for distributing malware.

Requires

Author: Paulino Calderon

License: VER007 整理 http://www.ver007.com

File http-google-malware