├── extraer.sh ├── screenshot.js ├── README.md └── http-screenshot.nse /extraer.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | if [ -f servidores.html ]; 3 | then 4 | rm servidores.html 5 | fi 6 | printf "
" > servidores.html 7 | ls -1 *.png | sort -V | awk -F : '{ print $1":"$2"\n


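" }' >> servidores.html 8 | printf "" >> servidores.html 9 | 10 |
--------------------------------------------------------------------------------
/screenshot.js:
--------------------------------------------------------------------------------
// PhantomJS script: open a URL and save a screenshot of the rendered page.
// Usage: phantomjs screenshot.js <url> <filename>
//
// PhantomJS runs an ES5-era JavaScript engine, so this file keeps `var` and
// function expressions on purpose.
//
// The page being rendered comes from whatever host is being scanned, so its
// markup and scripts are untrusted input to the browser engine. Run this with
// the least privilege that still lets it write the output file.
var system = require('system');
var webpage = require('webpage');

// Time given to the page to finish rendering after load, in milliseconds.
var RENDER_DELAY_MS = 4000;

// Upper bound for any single resource request, in milliseconds, so that an
// unresponsive server cannot stall the whole scan.
var RESOURCE_TIMEOUT_MS = 15000;

/**
 * Validate the command line, load the page and write the screenshot.
 *
 * Exits with status 0 once the image has been rendered, and with status 1 on
 * a usage error or when the page could not be loaded, so a caller that checks
 * the exit status does not report a screenshot that was never taken.
 *
 * @param {string[]} args - system.args: script name, URL, output file name.
 */
function main(args) {
  if (args.length !== 3) {
    console.log('Usage: ' + args[0] + ' <url> <filename>');
    phantom.exit(1);
    // phantom.exit() does not necessarily stop the script at once, so return
    // instead of falling through and opening an undefined URL.
    return;
  }

  var url = args[1];
  var filename = args[2];

  var page = webpage.create();
  page.settings.resourceTimeout = RESOURCE_TIMEOUT_MS;

  page.open(url, function (status) {
    if (status !== 'success') {
      // Do not write an image or claim success for a page that never loaded.
      console.log('Failed to load ' + url + ' (' + status + ')');
      phantom.exit(1);
      return;
    }

    setTimeout(function () {
      // Render first, then report, so the message is only printed after the
      // file has actually been written.
      page.render(filename);
      console.log('Saved screenshot as ' + filename);
      phantom.exit(0);
    }, RENDER_DELAY_MS);
  });
}

main(system.args);
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# http-screenshot-nmap
Instructions:
- Download phantomjs: http://phantomjs.org/download.html
- Add phantomjs to path: `cp phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/bin/phantomjs`
- Download http-screenshot.nse and put it under /usr/share/nmap/scripts.
- Update nmap -> `nmap --script-updatedb`
- Download screenshot.js and put it under /tmp (the NSE script looks for it at /tmp/screenshot.js; /tmp is world-writable, so check the file's owner and contents before each scan, especially when nmap runs as root)
- Execute nmap -> `nmap -F --script http-screenshot `
- Move all your screenshots to /var/www/html
- Execute extraer.sh
- Go to http://localhost/servidores.html
--------------------------------------------------------------------------------
/http-screenshot.nse:
--------------------------------------------------------------------------------
-- Copyright (C) 2012 Trustwave
-- http://www.trustwave.com
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 dated June, 1991 or at your option
-- any later version.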
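--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- A copy of the GNU General Public License is available in the source tree;
-- if not, write to the Free Software Foundation, Inc.,
-- 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

description = [[
Gets a screenshot from the host
]]

---
-- @usage nmap -F --script http-screenshot <target>
--
-- @args http-screenshot.script Path of the PhantomJS capture script.
--       Defaults to /tmp/screenshot.js. /tmp is world-writable, so any local
--       user can plant or replace that file and have it run with the
--       privileges of the scan; prefer a path in a directory only the
--       scanning user can write to.

author = "Ryan Linn "

license = "GPLv2"

categories = {"discovery", "safe"}

-- Updated the NSE Script imports and variable declarations
local shortport = require "shortport"

local stdnse = require "stdnse"

portrule = shortport.http

-- Wrap a value in single quotes so /bin/sh treats it as exactly one word.
-- An embedded single quote is closed, escaped and reopened ('\'').
local function shell_quote(value)
  return "'" .. (tostring(value):gsub("'", "'\\''")) .. "'"
end

-- Take a screenshot of the web service on host:port by shelling out to
-- PhantomJS, and report where the image was written.
--
-- The image is written to the current working directory. The page content
-- comes from the scanned host and is rendered with certificate errors
-- ignored, so the browser process handles untrusted input; PhantomJS is no
-- longer maintained upstream, so run the scan with the least privilege that
-- works for you.
action = function(host, port)
  -- service_tunnel is "ssl" when version detection found TLS on the port.
  -- The previous code read this value but never used it, so HTTPS on any
  -- port other than 443 was requested over plain http.
  local tunnel = port.version and port.version.service_tunnel

  -- The default URLs will start with http://
  local prefix = "http"

  -- Switch to https when TLS was detected; port 443 stays as a fallback for
  -- scans run without version detection.
  if tunnel == "ssl" or port.number == 443 then
    prefix = "https"
  end

  -- Screenshots will be called screenshot-nmap-<ip>:<port>.png
  local filename = "screenshot-nmap-" .. host.ip .. ":" .. port.number .. ".png"

  -- An IPv6 literal has to be bracketed inside a URL.
  local authority = host.ip
  if authority:find(":", 1, true) then
    authority = "[" .. authority .. "]"
  end

  -- Include the port: without it every screenshot was taken of the scheme's
  -- default port, whatever port the file name claimed.
  local url = prefix .. "://" .. authority .. ":" .. port.number

  local script = stdnse.get_script_args("http-screenshot.script") or "/tmp/screenshot.js"

  -- Execute the shell command phantomjs. Every argument is quoted so that
  -- nothing in the script path, URL or file name is interpreted by the shell.
  local cmd = "phantomjs --ignore-ssl-errors=true " .. shell_quote(script)
    .. " " .. shell_quote(url)
    .. " " .. shell_quote(filename)
    .. " 2> /dev/null >/dev/null"

  local ret = os.execute(cmd)

  -- If the command was successful, print the saved message, otherwise print the fail message
  local result = "failed (verify phantomjs is in your path)"

  -- Lua 5.2 and later return true on success (nil otherwise); Lua 5.1 returns
  -- the numeric exit status, where any number is truthy, so test for 0 too.
  if ret == true or ret == 0 then
    result = "Saved to " .. filename
  end

  -- Return the output message
  return stdnse.format_output(true, result)
end
--------------------------------------------------------------------------------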