Customizing NSE scripts

To achieve maximum effectiveness, customizing scripts helps penetration testers find the right vulnerabilities within the given span of time. However, most of the time attackers do not have the time to write one. The following code extract is a Lua NSE script that identifies a specific file location, which we will search for across the entire subnet using Nmap:

local http = require 'http'

description = [[ This is my custom discovery on the network ]]
categories = {"safe", "discovery"}

-- Run only against port 80
function portrule(host, port)
  return port.number == 80
end

-- Request /config.php and report any response other than 404
function action(host, port)
  local response = http.get(host, port, "/config.php")
  if response.status and response.status ~= 404 then
    return "successful"
  end
end

Save the file into the /usr/share/nmap/scripts/ folder. Your script is now ready to be tested, as shown in the following screenshot; you should be able to run your own NSE script without any problems:

To completely understand the preceding NSE script, here is the description of what is in the code:

  • local http = require 'http': This line loads the HTTP library from Lua and binds it to a local variable
  • description: Where testers/researchers can enter the description of the script
  • categories: This typically has two values, one of which declares whether the script is safe or intrusive
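
The check in the script above treats any status other than 404 as a hit, so a server that answers every path with 200 or with a redirect is reported as well. The following variant uses the http library's identify_404 and page_exists helpers to filter those responses out. It is an added example, not code from the book, and the script-argument name path is an assumption:

```lua
-- Added example: the /config.php check with soft-404 handling.
local http = require "http"
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Reports web servers that serve a given path (default /config.php),
using the http library's 404 fingerprinting to avoid false positives.
]]
categories = {"safe", "discovery"}

-- Match any port Nmap identifies as HTTP or HTTPS, not only port 80.
portrule = shortport.http

action = function(host, port)
  -- The argument name "path" is an assumption made for this example.
  local path = stdnse.get_script_args(SCRIPT_NAME .. ".path") or "/config.php"

  -- Learn how this server answers a request for a page that cannot exist.
  local ok, result_404, known_404 = http.identify_404(host, port)
  if not ok then
    stdnse.debug1("could not fingerprint 404 behaviour: %s", tostring(result_404))
    return nil
  end

  local response = http.get(host, port, path)
  if not response or not response.status then
    return nil
  end

  -- page_exists() compares the response with the 404 fingerprint, so a
  -- catch-all 200 page or a blanket redirect is not reported as a hit.
  if http.page_exists(response, result_404, known_404, path, false) then
    return ("%s exists (HTTP %d)"):format(path, response.status)
  end
  return nil
end
```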