diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:42:04 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:42:04 +0000 |
commit | 0d47952611198ef6b1163f366dc03922d20b1475 (patch) | |
tree | 3d840a3b8c0daef0754707bfb9f5e873b6b1ac13 /scripts/http-put.nse | |
parent | Initial commit. (diff) | |
download | nmap-0d47952611198ef6b1163f366dc03922d20b1475.tar.xz nmap-0d47952611198ef6b1163f366dc03922d20b1475.zip |
Adding upstream version 7.94+git20230807.3be01efb1+dfsg.upstream/7.94+git20230807.3be01efb1+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'scripts/http-put.nse')
-rw-r--r-- | scripts/http-put.nse | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/scripts/http-put.nse b/scripts/http-put.nse new file mode 100644 index 0000000..9902157 --- /dev/null +++ b/scripts/http-put.nse @@ -0,0 +1,61 @@ +local http = require "http" +local io = require "io" +local shortport = require "shortport" +local stdnse = require "stdnse" + +description = [[ +Uploads a local file to a remote web server using the HTTP PUT method. You must specify the filename and URL path with NSE arguments. +]] + +--- +-- @usage +-- nmap -p 80 <ip> --script http-put --script-args http-put.url='/uploads/rootme.php',http-put.file='/tmp/rootme.php' +-- +-- @output +-- PORT STATE SERVICE +-- PORT STATE SERVICE +-- 80/tcp open http +-- |_http-put: /uploads/rootme.php was successfully created +-- +-- @args http-put.file - The full path to the local file that should be uploaded to the server +-- @args http-put.url - The remote directory and filename to store the file to e.g. (/uploads/file.txt) +-- +-- @xmloutput +-- <elem key="result">/uploads/rootme.php was successfully created</elem> +-- +-- Version 0.1 +-- Created 10/15/2011 - v0.1 - created by Patrik Karlsson <patrik@cqure.net> +-- Revised 10/20/2011 - v0.2 - changed coding style, fixed categories <patrik@cqure.net> +-- + +author = "Patrik Karlsson" +license = "Same as Nmap--See https://nmap.org/book/man-legal.html" +categories = {"discovery", "intrusive"} + + +portrule = shortport.http + +action = function( host, port ) + local output = stdnse.output_table() + local fname, url = stdnse.get_script_args('http-put.file', 'http-put.url') + if ( not(fname) or not(url) ) then + return + end + + local f = io.open(fname, "r") + if ( not(f) ) then + output.error = ("ERROR: Failed to open file: %s"):format(fname) + return output, output.error + end + local content = f:read("a") + f:close() + + local response = http.put(host, port, url, nil, content) + if ( 200 <= response.status and response.status < 210 ) then + output.result = ("%s was successfully created"):format(url) + return output, output.result + end + + output.error = ("ERROR: %s could not be created"):format(url) + return output, output.error +end |