Add new script to boost the results.

- nse script + json with regexes + txt with paths - update README.md + pictures
vulnersCom · Aug 15, 2019 · 458f35d · 458f35d
1 parent 4facc43
commit 458f35d
Show file tree

Hide file tree

Showing 6 changed files with 1,110 additions and 10 deletions.
diff --git a/README.md b/README.md
@@ -10,22 +10,57 @@ NSE script using some well-known service to provide info on vulnerabilities
 ![Result example](example.png)
 
 ## Dependencies:
-     nmap libraries:
-         http
-         json
-         string
+    nmap libraries:
+        http
+        json
+        string
+    http-vulners-regex
 
 The only thing you should always keep in mind is that the script depends on having software versions at hand, so it only works with -sV flag.
 
+**NB:** Now it can actually be run without -sV flag if http-vulners-regex script is run as well.
+
 ## Installation
-     locate, where your nmap scripts are located in your system
-         for *nix system it might be  ~/.nmap/scripts/ or $NMAPDIR
-         for Mac it might be /usr/local/Cellar/nmap/<version>/share/nmap/scripts/
-         for Windows it might be C:\Program Files (x86)\Nmap\scripts
-     copy the provided script (vulners.nse) into that directory
+    locate, where your nmap scripts are located in your system
+        for *nix system it might be  ~/.nmap/scripts/ or $NMAPDIR
+        for Mac it might be /usr/local/Cellar/nmap/<version>/share/nmap/scripts/
+        for Windows it might be C:\Program Files (x86)\Nmap\scripts
+    copy the provided script (vulners.nse) into that directory
+    run *nmap --script-updatedb* to update the nmap script DB 
 
 ## Usage
     Use it as straightforward as you can:
-        nmap -sV --script vulners <target>
+        nmap -sV --script vulners [--script-args mincvss=<arg_val>] <target>
         
 It is KISS after all.
+
+# http-vulners-regex
+
+## Description
+
+NSE script to scan HTTP responses and identify CPEs for the mentioned software. It can therefore boost the efficiency of the main vulners script.
+
+![Result example](simple_regex_example.png)
+Or with the paths:
+![Result example](paths_regex_example.png)
+
+## Dependencies
+    nmap libraries:
+        http
+        json
+        string
+        stdnse
+        shortport
+        table
+
+## Installation
+    locate you nmap  directory (as above)
+    copy the provided script (http-vulners-regex.nse) into <nmap_dir>/scripts/
+    copy the provided json with the regexes to <nmap_dir>/nselib/data/
+    copy the provided txt file with the default paths to <nmap_dir>/nselib/data/
+        note that you can specify your own file via command line
+    run *nmap --script-updatedb* to update the nmap script DB 
+
+## Usage
+    As a usual NSE script:
+        nmap --script http-vulners-regex.nse [--script-args paths={"/"}] <target> 
diff --git a/http-vulners-paths.txt b/http-vulners-paths.txt
@@ -0,0 +1,124 @@
+default.asp
+default.aspx
+default.cfm
+default.cgi
+default.html
+default.jhtml
+default.jsa
+default.jsp
+default.php
+default.pl
+default.shtml
+home.asp
+home.aspx
+home.cfm
+home.cgi
+home.html
+home.jhtml
+home.jsa
+home.jsp
+home.php
+home.pl
+home.shtml
+index.asp
+index.aspx
+index.cfm
+index.cgi
+index.html
+index.jhtml
+index.jsa
+index.jsp
+index.php
+index.pl
+index.shtml
+menu.asp
+menu.aspx
+menu.cfm
+menu.cgi
+menu.html
+menu.jhtml
+menu.jsa
+menu.jsp
+menu.php
+menu.pl
+menu.shtml
+main.asp
+main.aspx
+main.cfm
+main.cgi
+main.html
+main.jhtml
+main.jsa
+main.jsp
+main.php
+main.pl
+main.shtml
+start.asp
+start.aspx
+start.cfm
+start.cgi
+start.html
+start.jhtml
+start.jsa
+start.jsp
+start.php
+start.pl
+start.shtml
+localstart.asp
+localstart.aspx
+localstart.cfm
+localstart.cgi
+localstart.html
+localstart.jhtml
+localstart.jsa
+localstart.jsp
+localstart.php
+localstart.pl
+localstart.shtml
+inicio.asp
+inicio.aspx
+inicio.cfm
+inicio.cgi
+inicio.html
+inicio.jhtml
+inicio.jsa
+inicio.jsp
+inicio.php
+inicio.pl
+inicio.shtml
+indice.asp
+indice.aspx
+indice.cfm
+indice.cgi
+indice.html
+indice.jhtml
+indice.jsa
+indice.jsp
+indice.php
+indice.pl
+indice.shtml
+base.asp
+base.aspx
+base.cfm
+base.cgi
+base.html
+base.inc
+base.jhtml
+base.jsa
+base.jsp
+base.php
+base.pl
+base.shtml
+admin.asp
+admin.aspx
+admin.cfm
+admin.cgi
+admin.html
+admin.jhtml
+admin.jsa
+admin.jsp
+admin.php
+admin.pl
+admin.shtml
+readme.txt
+robots.txt