nmap nse script for web services screenshot
Clone or download
Latest commit 4a6066f Jul 22, 2013
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README v01.00 Jul 20, 2012
filelist.log Added external file/dir list functionnality Jul 18, 2012
phantomjs-1.6.0-linux-i686-dynamic.tar.bz2 v01.00 Jul 17, 2012
screenshot.js Added external file/dir list functionnality Jul 18, 2012
webshot.nse Bug fix Jul 22, 2013

README

========
= GOAL =
========

The webshot NSE script allow you to automatically take screenshot when discovering web services.
It also automatically do some little dirbusting basics.

_NO_ X Server is required : Yes, it works in command line, thanks PhantomJS.

This is the first release, please give me some feedback to improve it.

=========
= Setup =
=========

1. Install fontconfig if it's not already installed (distro dependant)
2. Copy the NSE script (webshot.nse) to your nmap script directory ( /usr/share/nmap/scripts/ )
3. Install PhantomJS with the provided screenshot.js (see below)
4. Edit globals in the .nse to fit your needs (required only if you change PATH and/or directory to tests)
5. Update the nmap nse database (nmap --script-updatedb)
6. Smile for the picture :-P

==========================
= Requierments / Credits =
==========================

PhantomJS   
	http://code.google.com/p/phantomjs

Original screenshot.js 
	http://phantomjs.org/
	http://jsbin.com/udopaj/3/js
	This nse script use a modified version, see below.

FontConfig
	http://www.freedesktop.org/wiki/Software/fontconfig

=====================
= Detailled Install =
=====================
All steps are done as root.

PhantomJS
	# cd /opt
	# wget http://phantomjs.googlecode.com/files/phantomjs-1.6.0-linux-i686-dynamic.tar.bz2
	# tar xjpf phantomjs-1.6.0-linux-i686-dynamic.tar.bz2 

screenshot.js
	# mkdir -p /opt/nmap-webshot/png
	# Then download the screenshot.js from my github and put it in /opt/nmap-webshot

filelist.log
	# cp filelist.log /opt/nmap-webshot/filelist.log

=========
= USAGE =
=========
# nmap --script webshot -T5 -PN -p 80,443 192.168.0.0/24
# nmap --script webshot --script-args dirguess=no -p 80,443 192.168.1.123
# nmap --script webshot --script-args skiperr=yes -p 80,443 192.168.1.123
# nmap --script webshot --script-args dirguess=no,skiperr=yes -p 80,443 192.168.1.123
# nmap --script webshot --script-args list=/opt/nmap-webshot/filelist.log -p 80,443 192.168.1.123

See webshot.nse sources for options documentation.

=======
= WHO =
=======

Developped by @_CLX for fun and nothing !
screenshot.js modified by @DrM_fr