New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Script for parsing Apache server-status page #322

Closed
wants to merge 4 commits into
base: master
from

Conversation

Projects
None yet
3 participants
@EricGershman

EricGershman commented Mar 5, 2016

server-status NSE Script

The Apache mod_status module is used to monitor the performance and activity of an Apache web server. The http-apache-server-status.nse script detects the existence of an Apache mod_status server-status page and attempts to parse useful information such as the Apache version and recent HTTP requests.

Examples

http-apache-server-status.nse running against Ubuntu 15.04 with Apache2 installed:

$ sudo a2enmod status && sudo systemctl restart apache2
Enabling module status.
To activate the new configuration, you need to run:
  service apache2 restart
$ nmap -p 80 --script http-apache-server-status.nse example.com

Starting Nmap 7.01SVN ( https://nmap.org ) at 2016-03-12 23:55 UTC
Nmap scan report for example.com (127.0.1.1)
Host is up (0.00011s latency).
rDNS record for 127.0.1.1: www.example.com
PORT   STATE SERVICE
80/tcp open  http
| http-apache-server-status: 
|   Heading: Apache Server Status for example.com (via 127.0.1.1)
|   Server Version:  Apache/2.4.12 (Ubuntu)
|   Server Built:  Jul 24 2015 15:59:00
|   Server Uptime:   10 seconds
|   Server Load:  0.00 0.01 0.05
|   Requests: 
|_    www.example.com:80    GET /server-status HTTP/1.1

Nmap done: 1 IP address (1 host up) scanned in 0.28 seconds

An example with the status module disabled:

$ sudo a2dismod status && sudo systemctl restart apache2
Module status disabled.
To activate the new configuration, you need to run:
  service apache2 restart
$$ nmap -p 80 --script http-apache-server-status.nse example.com

Starting Nmap 7.01SVN ( https://nmap.org ) at 2016-03-12 23:57 UTC
Nmap scan report for example.com (127.0.1.1)
Host is up (0.00011s latency).
rDNS record for 127.0.1.1: www.example.com
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds

$ nmap -d -p 80 --script http-apache-server-status.nse example.com | grep Fail
NSE: [http-apache-server-status 127.0.1.1:80] Failed to retrieve: /server-status

An example of the status module disabled with a non-mod_status page hosted at /server-status:

$ sudo cp /var/www/html/index.html /var/www/html/server-status
$ sudo chown www-data:www-data /var/www/html/server-status 
$ nmap -p 80 --script http-apache-server-status.nse example.com

Starting Nmap 7.01SVN ( https://nmap.org ) at 2016-03-05 19:40 UTC
Nmap scan report for example.com (127.0.1.1)
Host is up (0.00011s latency).
rDNS record for 127.0.1.1: www.example.com
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds
$ nmap -d -p 80 --script http-apache-server-status.nse example.com | grep mod_status
NSE: [http-apache-server-status 127.0.1.1:80] /server-status does not appear to be a mod_status page

References

EricGershman added some commits Mar 5, 2016

Script for parsing Apache server-status page
The Apache mod_status module is used to monitor the performance and activity of an Apache web server. The http-apache-server-status.nse script detects the existence of an Apache mod_status server-status page and attempts to parse useful information such as the Apache version and recent HTTP requests.
@fgeek

This comment has been minimized.

fgeek commented Mar 6, 2016

Acked-by: Henri Salo henri@nerv.fi
👍

Updated output based on suggestions from nmap-dev
Limited the results table output to unique vhost & URI combinations based on recommendations from http://seclists.org/nmap-dev/2016/q1/256.
@dmiller-nmap

This comment has been minimized.

dmiller-nmap commented Mar 14, 2016

Thanks, awesome! I reduced the requests part to just the VHosts, and added extraction of the Apache version in subsequent commits. Glad to have your contribution!

@nmap-bot nmap-bot closed this in a4b81f3 Mar 14, 2016

@EricGershman

This comment has been minimized.

EricGershman commented Mar 18, 2016

@dmiller-nmap Thanks for all your help, the improvements look great!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment