nmap(zenmap)使用

對 Apache JServ 提出 GET  或 HEAD 來得到 header 相關資料 官方網站:  https://nmap.org/nsedoc/scripts/ajp-headers.html 內容 local ajp = require "ajp" local shortport = require "shortport" local stdnse = require "stdnse" description = [[ Performs a HEAD or GET request against either the root directory or any optional directory of an Apache JServ Protocol server and returns the server response headers. ]] --- -- @usage -- nmap -p 8009 <ip> --script ajp-headers -- -- @output -- PORT     STATE SERVICE -- 8009/tcp open  ajp13 -- | ajp-headers: -- |   X-Powered-By: JSP/2.2 -- |   Set-Cookie: JSESSIONID=goTHax+8ktEcZsBldANHBAuf.undefined; Path=/helloworld -- |   Content-Type: text/html;charset=ISO-8859-1 -- |_  Content-Length: 149 -- -- @args ajp-headers.path The path to request, such as <code>/index.php</code>. Default <code>/</code>. portrule = shortport.port_or_service(8009, 'ajp13', 'tcp') author = &q

執行 URL指令 request  , 對  Apache JServ Protocol 指定port 去查看是否有回應 例如:  nmap -p 8009 --script ajp-request www.hinet.net 官方網站:  https://nmap.org/nsedoc/scripts/ajp-request.html AJP說明:  https://en.wikipedia.org/wiki/Apache_JServ_Protocol 內容: local ajp = require "ajp" local io = require "io" local shortport = require "shortport" local stdnse = require "stdnse" description = [[ Requests a URI over the Apache JServ Protocol and displays the result (or stores it in a file). Different AJP methods such as; GET, HEAD, TRACE, PUT or DELETE may be used. The Apache JServ Protocol is commonly used by web servers to communicate with back-end Java application server containers. ]] --- -- @usage -- nmap -p 8009 <ip> --script ajp-request -- -- @output -- PORT     STATE SERVICE -- 8009/tcp open  ajp13 -- | ajp-request: -- | <!DOCTYPE HTML> -- | <html> -- | <head> -- | <title>JSP Test</title> -- |