-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathhttp-screenshot.nse
54 lines (39 loc) · 1.4 KB
/
http-screenshot.nse
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
description = [[ Screenshot of Web application (based on cutycapt) need -sV to detect service http/https - need apt install libqt5webkit5 on kali 19]]
author = ""
license = ""
categories = {"default", "discovery", "safe"}
local shortport = require "shortport"
local stdnse = require "stdnse"
portrule = shortport.http
action = function(host, port)
local service_tunnel = port.version.service_tunnel -- need -sV
local service = port.service
local prefix = "http"
local output = stdnse.output_table()
if (service_tunnel ~= "ssl") then
if(service == "https") then
prefix = "https"
end
else
prefix = "https"
end
local target = host.targetname
if host.targetname == nil then
target = host.ip
end
local filename = "screenshot-nmap-"..target.."_"..prefix.."_"..port.number..".png"
local cmd = "cutycapt --insecure --max-wait=4000 --url="..prefix.."://"..target..":"..port.number.." --out="..filename.." --user-style-string='body { background-color: rgb(255,255,255); }' 2> /dev/null >/dev/null"
stdnse.debug(1, "DEBUG CUTYCAPT >>> %s", cmd)
output.prefix = prefix
output.targetname = host.targetname
output.port = port.number
output.filename = filename
output.cmd = cmd
local ret = os.execute(cmd)
local result = "failed (verify cutycapt is in your path) "..cmd
if ret then
result = "Saved to " .. filename
end
output.result = result
return output
end