File http-config-backup

Script types: portrule
Categories: auth, intrusive
Download: https://svn.nmap.org/nmap/scripts/http-config-backup.nse

User Summary

Checks for backups and swap files of common content management system and web server configuration files.

When web server files are edited in place, the text editor can leave backup or swap files in a place where the web server can serve them. The script checks for these files:

wp-config.php: WordPress
config.php: phpBB, ExpressionEngine
configuration.php: Joomla
LocalSettings.php: MediaWiki
/mediawiki/LocalSettings.php: MediaWiki
mt-config.cgi: Movable Type
mt-static/mt-config.cgi: Movable Type
settings.php: Drupal
.htaccess: Apache

For each of these files, the script applies the following transformations (using config.php as an example):

config.bak: Generic backup.
config.php.bak: Generic backup.
config.php~: Vim, Gedit.
#config.php#: Emacs.
config copy.php: Mac OS copy.
Copy of config.php: Windows copy.
config.php.save: GNU Nano.
.config.php.swp: Vim swap.
config.php.swp: Vim swap.
config.php.old: Generic backup.

This script is inspired by the CMSploit program by Feross Aboukhadijeh: http://www.feross.org/cmsploit/.
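
The same name transformations can be checked from the server side before anything is exposed. The following is an added example, not part of the NSE script or the Nmap project: it walks a local document root and reports files whose names match the variants listed above. It goes beyond the script by matching in every subdirectory rather than at one install path. The function names, the handling of extension-less names such as .htaccess, and the sample files are assumptions made for illustration.

```python
import os
import tempfile

# Base names of the configuration files listed on the page.
CONFIG_FILES = ["wp-config.php", "config.php", "configuration.php",
                "LocalSettings.php", "mt-config.cgi", "settings.php", ".htaccess"]

def backup_variants(name):
    """Map each backup/swap name derived from `name` to the tool that leaves it."""
    stem, ext = os.path.splitext(name)   # ".htaccess" -> (".htaccess", "")
    return {
        stem + ".bak": "Generic backup",
        name + ".bak": "Generic backup",
        name + "~": "Vim, Gedit",
        "#" + name + "#": "Emacs",
        stem + " copy" + ext: "Mac OS copy",
        "Copy of " + name: "Windows copy",
        name + ".save": "GNU Nano",
        "." + name + ".swp": "Vim swap",
        name + ".swp": "Vim swap",
        name + ".old": "Generic backup",
    }

def audit_webroot(webroot):
    """Return sorted (relative path, original file, origin) for leftovers on disk."""
    lookup = {}
    for base in CONFIG_FILES:
        for variant, origin in backup_variants(base).items():
            lookup[variant] = (base, origin)
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for fname in files:
            if fname in lookup:
                rel = os.path.relpath(os.path.join(dirpath, fname), webroot)
                findings.append((rel.replace(os.sep, "/"),) + lookup[fname])
    return sorted(findings)

def demo():
    """Audit a constructed web root (sample files created in a temp directory)."""
    sample = ["wp-config.php", "#wp-config.php#", "blog/config.php~",
              "blog/.settings.php.swp", "blog/index.php"]
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "blog"))
        for rel in sample:
            with open(os.path.join(root, rel), "w"):
                pass
        return audit_webroot(root)

if __name__ == "__main__":
    for path, original, origin in demo():
        print(f"{path}: leftover of {original} ({origin})")
```

Run audit_webroot against the real document root as part of a deploy or cron check; any finding is a file to delete or move outside the served tree.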

Script Arguments

http-config-backup.save

directory to save all the valid config files found

http-config-backup.path

the path where the CMS is installed

slaxml.debug

See the documentation for the slaxml library.


smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

Example Usage
nmap --script=http-config-backup <target>

Script Output
PORT STATE SERVICE REASON
80/tcp open http syn-ack
| http-config-backup:
| /%23wp-config.php%23 HTTP/1.1 200 OK
|_ /config.php~ HTTP/1.1 200 OK

Requires
coroutine
http
io
shortport
stdnse
string
table
url

Author:

Riccardo Cecolin

License: Same as Nmap--See https://nmap.org/book/man-legal.html

