| Server IP : 101.53.144.229 / Your IP : 216.73.216.181 Web Server : Apache System : Linux host.gdigitalindia.in 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64 User : digitalshiksha ( 1179) PHP Version : 5.6.40 Disable Function : eval,show_source,system,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,show_source,curl_multi_exechellcmd, ini_restore,apache_get_modules,get_cfg_var,passthru, exec ,proc_get_status,fpassthru,c999_buff_prepare,c999_sess_put,c99_buff_prepare,c99_sess_put,proc_close,ini_alter,dl,symlink,link,proc_close,ini_alter,dl,symlink,link,mail MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/nmap/scripts/ |
Upload File : |
local http = require "http"
local shortport = require "shortport"
local stdnse = require "stdnse"
local string = require "string"
local tab = require "tab"
local table = require "table"
description=[[
Retrieves a list of Git projects, owners and descriptions from a gitweb (web interface to the Git revision control system).
]]
---
-- @usage
-- nmap -p80 www.example.com --script http-gitweb-projects-enum
--
-- @output
-- 80/tcp open http
-- | http-gitweb-projects-enum:
-- | Projects from gitweb.samba.org:
-- | PROJECT AUTHOR DESCRIPTION
-- | sando.git authornum1 no description
-- | camui/san.git devteam no description
-- | albert/tdx.git/.git blueteam no description
-- |
-- | Number of projects: 172
-- |_ Number of owners: 42
--
-- @args http-gitweb.projects-enum.path specifies the location of gitweb
-- (default: /)
author = "riemann"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"discovery", "safe"}
portrule = shortport.http
---
-- @param author bloc (if author name are too long we have a span bloc)
-- @return author name filtred from html entities
---
get_owner = function(res)
local result=res
local _
if ( res:match('<span') ) then
_,_,result=string.find(res,'title="(.-)"')
end
return result
end
action = function(host, port)
local path = stdnse.get_script_args(SCRIPT_NAME .. '.path') or '/'
local response = http.get(host,port,path)
local result, result_stats = {}, {}
if not response or not response.status or response.status ~= 200 or
not response.body then
stdnse.print_debug(1, "%s: Failed to retrieve file: %s",
SCRIPT_NAME, path)
return
end
local html = response.body
local repo=tab.new()
tab.addrow(repo,'PROJECT','AUTHOR','DESCRIPTION')
-- verif generator
if (html:match('meta name="generator" content="gitweb(.-)"')) then
result['name'] = string.format("Projects from %s:", host.targetname or host.ip)
local owners, projects_counter, owners_counter = {}, 0, 0
for tr_code in html:gmatch('(%<tr[^<>]*%>(.-)%</tr%>)') do
local regx='<a[^<>]*href="(.-)">(.-)</a>(.-)title="(.-)"(.-)<i>(.-)</i>'
for _, project, _, desc, _, owner in tr_code:gmatch(regx) do
--if desc result return default text of gitweb replace it by no description
if(string.find(desc,'Unnamed repository')) then
desc='no description'
end
tab.addrow(repo, project, get_owner(owner), desc)
-- Protect from parsing errors or long owners
-- just an arbitrary value
if owner:len() < 128 and not owners[owner] then
owners[owner] = true
owners_counter = owners_counter + 1
end
projects_counter = projects_counter + 1
end
end
table.insert(result,tab.dump(repo))
table.insert(result, "")
table.insert(result,
string.format("Number of projects: %d", projects_counter))
if (owners_counter > 0 ) then
table.insert(result,
string.format("Number of owners: %d", owners_counter))
end
end
return stdnse.format_output(true,result)
end