http version scan
来源:互联网 发布:淘宝的棉料衣服起球 编辑:程序博客网 时间:2024/06/06 11:33
介绍一下nmap与metasploit如何获取 http version信息, 默认情况下, nmap 的 -sV 可获取http version.
另外,再介绍两种办法:
root@gnu:~# nmap -p 80 -oX baidu.xml --script http-headers www.baidu.com
Starting Nmap 6.40 ( http://nmap.org ) at 2014-07-27 23:49 EDT
Nmap scan report for www.baidu.com (119.75.218.77)
Host is up (0.0024s latency).
Other addresses for www.baidu.com (not scanned): 119.75.217.56
PORT STATE SERVICE
80/tcp open http
| http-headers:
| Date: Mon, 28 Jul 2014 03:50:17 GMT
| Content-Type: text/html; charset=utf-8
| Connection: Close
| Vary: Accept-Encoding
| Set-Cookie: BAIDUID=A788679A25D50EF8C63A146DFCA62764:FG=1; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
| Set-Cookie: BDSVRTM=0; path=/
| P3P: CP=" OTI DSP COR IVA OUR IND COM "
| Cache-Control: private
| Cxy_all: baidu+33a8017ac1f22fa877d2f5c472a23e53
| Expires: Mon, 28 Jul 2014 03:49:49 GMT
| X-Powered-By: HPHP
| Server: BWS/1.1
| BDPAGETYPE: 1
| BDQID: 0xabd2cb1c00002718
| BDUSERID: 0
|
|_ (Request type: HEAD)
Nmap done: 1 IP address (1 host up) scanned in 0.24 seconds
Starting Nmap 6.40 ( http://nmap.org ) at 2014-07-27 23:49 EDT
Nmap scan report for www.baidu.com (119.75.218.77)
Host is up (0.0024s latency).
Other addresses for www.baidu.com (not scanned): 119.75.217.56
PORT STATE SERVICE
80/tcp open http
| http-headers:
| Date: Mon, 28 Jul 2014 03:50:17 GMT
| Content-Type: text/html; charset=utf-8
| Connection: Close
| Vary: Accept-Encoding
| Set-Cookie: BAIDUID=A788679A25D50EF8C63A146DFCA62764:FG=1; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
| Set-Cookie: BDSVRTM=0; path=/
| P3P: CP=" OTI DSP COR IVA OUR IND COM "
| Cache-Control: private
| Cxy_all: baidu+33a8017ac1f22fa877d2f5c472a23e53
| Expires: Mon, 28 Jul 2014 03:49:49 GMT
| X-Powered-By: HPHP
| Server: BWS/1.1
| BDPAGETYPE: 1
| BDQID: 0xabd2cb1c00002718
| BDUSERID: 0
|
|_ (Request type: HEAD)
Nmap done: 1 IP address (1 host up) scanned in 0.24 seconds
另外, metasploit 也自带相关扫描模块.
msf auxiliary(http_version) > set RHOSTS xxx.xxx.xxx.0/24
RHOSTS => xxx.xxx.xxx.0/24
msf auxiliary(http_version) > set THREADS 10
THREADS => 10
msf auxiliary(http_version) > show options
Module options (auxiliary/scanner/http/http_version):
Name Current Setting Required Description
---- --------------- -------- -----------
Proxies no Use a proxy chain
RHOSTS xxx.xxx.xxx.0/24 yes The target address range or CIDR identifier
RPORT 80 yes The target port
THREADS 10 yes The number of concurrent threads
VHOST no HTTP server virtual host
0 0
- http version scan
- scan
- Scan
- lisa with match (regex) build in ( 1st version toward scan word)
- Apache HTTP Server Version 2.2 文档
- Apache HTTP Server Version 2.2 文档中文版
- Apache HTTP Server Version 2.2 文档
- HTTP/1.1 505 HTTP Version Not Supported reason and solution
- python:HTTP Error 505: HTTP Version Not Supported
- Theano.scan() 来自http://blog.sina.com.cn/s/blog_6553da670102wi98.html
- version
- version
- Version
- version
- @Version
- Version
- Version
- HTTP request failed! HTTP/1.1 505 HTTP Version Not Supported error
- poj1141 Brackets Sequence
- 数据结构--数组和广义表--数组的顺序存储表示和实现
- oracle 口令失效问题处理
- 快速排序
- HDOJ 题目2601 An easy problem(数学 水题)
- http version scan
- Nginx配置https服务器
- Chapter 1 Securing Your Server and Network(7):禁用SQL Server Browse
- android解决gridview只显示一半
- Hadoop 文件命令
- 简单实用的打印函数执行日志的代码WriteLog函数
- php操作mysql的基本函数
- Java类库(章节摘要)
- 地图(创建, 添加图块, 图层, 对象层,添加图块属性调整修改地图)