http-traceroute
脚本使用类型:
portrule
脚本所属分类:
discovery, safe
脚本下载地址: http://nmap.org/svn/scripts/http-traceroute.nse
Exploits the Max-Forwards HTTP header to detect the presence of reverse proxies.
The script works by sending HTTP requests with values of the Max-Forwards HTTP header varying from 0 to 2 and checking for any anomalies in certain response values such as the status code, Server, Content-Type and Content-Length HTTP headers and body values such as the html title.
Based on the work of:
For more information, see: * http://www.agarri.fr/kom/archives/2011/11/12/traceroute-like_http_scanner/index.html
The path to send requests to. Defaults to /
.
HTTP request method to use. Defaults to GET
.
among other values, TRACE is probably the most interesting.
执行格式
nmap --script=http-traceroute <targets>
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-traceroute: | HTML title | Hop #1: Twitter / Over capacity | Hop #2: t.co / Twitter | Hop #3: t.co / Twitter | Status Code | Hop #1: 502 | Hop #2: 200 | Hop #3: 200 | server | Hop #1: Apache | Hop #2: hi | Hop #3: hi | content-type | Hop #1: text/html; charset=UTF-8 | Hop #2: text/html; charset=utf-8 | Hop #3: text/html; charset=utf-8 | content-length | Hop #1: 4833 | Hop #2: 3280 | Hop #3: 3280 | last-modified | Hop #1: Thu, 05 Apr 2012 00:19:40 GMT | Hop #2 |_ Hop #3
Author: Hani Benhabiles
License: VER007 整理 http://www.ver007.com