diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:42:04 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:42:04 +0000 |
commit | 0d47952611198ef6b1163f366dc03922d20b1475 (patch) | |
tree | 3d840a3b8c0daef0754707bfb9f5e873b6b1ac13 /scripts/http-robtex-reverse-ip.nse | |
parent | Initial commit. (diff) | |
download | nmap-upstream.tar.xz nmap-upstream.zip |
Adding upstream version 7.94+git20230807.3be01efb1+dfsg.upstream/7.94+git20230807.3be01efb1+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | scripts/http-robtex-reverse-ip.nse | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/scripts/http-robtex-reverse-ip.nse b/scripts/http-robtex-reverse-ip.nse new file mode 100644 index 0000000..66bf5e5 --- /dev/null +++ b/scripts/http-robtex-reverse-ip.nse @@ -0,0 +1,81 @@ +local http = require "http" +local ipOps = require "ipOps" +local stdnse = require "stdnse" +local table = require "table" + +description = [[ +Obtains up to 100 forward DNS names for a target IP address by querying the Robtex service (https://www.robtex.com/ip-lookup/). + +*TEMPORARILY DISABLED* due to changes in Robtex's API. See https://www.robtex.com/api/ +]] + +--- +-- @usage +-- nmap --script http-robtex-reverse-ip --script-args http-robtex-reverse-ip.host='<ip>' +-- +-- @output +-- Pre-scan script results: +-- | http-robtex-reverse-ip: +-- | *.insecure.org +-- | *.nmap.com +-- | *.nmap.org +-- | *.seclists.org +-- | insecure.com +-- | insecure.org +-- | lists.insecure.org +-- | nmap.com +-- | nmap.net +-- | nmap.org +-- | seclists.org +-- | sectools.org +-- | web.insecure.org +-- | www.insecure.org +-- | www.nmap.com +-- | www.nmap.org +-- | www.seclists.org +-- |_ images.insecure.org +-- +-- @args http-robtex-reverse-ip.host IPv4 address of the host to lookup +-- + +author = "riemann" +license = "Same as Nmap--See https://nmap.org/book/man-legal.html" +categories = {"discovery", "safe", "external"} + + +--- Scrape reverse ip information from robtex website +-- @param data string containing the retrieved web page +-- @return table containing the resolved host names +function parse_robtex_response(data) + local data = data:match("<h2>Shared</h2>(.-)<h2>History</h2>") + local result = {} + if data then + for domain in data:gmatch('/dns%-lookup/(.-)"') do + table.insert(result, domain) + end + end + return result +end + +prerule = function() return stdnse.get_script_args("http-robtex-reverse-ip.host") ~= nil end + +action = function() + return "*TEMPORARILY DISABLED* due to changes in Robtex's API. See https://www.robtex.com/api/" +end + +--[[ +action = function(host, port) + + local target = stdnse.get_script_args("http-robtex-reverse-ip.host") + local ip = ipOps.ip_to_str(target) + if ( not(ip) or #ip ~= 4 ) then + return stdnse.format_output(false, "The argument \"http-robtex-reverse-ip.host\" did not contain a valid IPv4 address") + end + + local htmldata = http.get_url("https://www.robtex.com/ip-lookup/"..target, {any_af=true}) + local domains = parse_robtex_response(htmldata.body) + if ( #domains > 0 ) then + return stdnse.format_output(true, domains) + end +end +]]-- |