I’ve released a new version of my http-screenshot-html.nse script for NMAP. I also moved the hosting to GitHub as Google Code no longer allows file uploads.
https://github.com/afxdub/http-screenshot-html
Version 1.3 is mostly a bug fix release. The list of changes are below: (more…)
I’ve updated the http-screenshot-html script. You can download it at the Google Code page. The primary changes are:
- Compatibility with Lua 5.2 as used in NMAP 6.25
- Added the “imgquality” script argument to modify the image output quality of wkhtmltoimage.
See the script’s Manual for full details on using the script.
Also, it appears that there is a bug in Lua 5.2. If you use backslashes while calling a script, Lua will throw an error about an Invalid Escape Sequence. So make sure you use forward slashes when calling scripts or using script args in NMAP 6.25. This should be fixed in a future release of NMAP.
Latest version of the script is here:
http://giuoco.org/security/http-screenshot-html-13/
I’ve been tweaking the http-screenshot-html.nse script from my last post. I’ve added some features and modified some things: (more…)
Latest version of the script is here:
http://giuoco.org/security/http-screenshot-html-13/
About a month ago, the folks at SpiderLabs created an NMAP NSE script to grab a screenshot of any scanned hosts that were running web services. (Read about it here). The guys over at Pauldotcom were talking about the script and how it would be cool if it could output the results with links and full header information. I decided this would be a good opportunity for me to learn some Lua and do some cool things with NMAP. (more…)
I recently re-watched War Games, the 1983 movie staring Matthew Broderick and Ally Sheedy. If you haven’t seen it, stop. Go watch it. We’ll play a game of chess while we wait for you.
One of the great things about War Games is that it shows a fairly realistic depiction of a hack. At the beginning of the movie, we see David Lightman use a Wardialer to find phone numbers connected to modems. It turns out NORAD had left a phone line exposed to the outside and that allowed David Lightman to access the WOPR. Later on in the movie, one of the Sys Admins at NORAD said, “The phone company screwed up! They exposed a phone line.” This leads us to our first lesson. (more…)