h00die
47 lines
2.3 KiB
Markdown
47 lines
2.3 KiB
Markdown
## Description
|
|
|
|
This module shows HTTP Headers returned by the scanned systems.
|
|
|
|
## Verification Steps
|
|
|
|
1. Do: ```use auxiliary/scanner/http/http_header```
|
|
2. Do: ```set RHOSTS [IP]```
|
|
3. Do: ```set RPORT [PORT]```
|
|
4. Do: ```run```
|
|
|
|
## Scenarios
|
|
|
|
**Running the scanner**
|
|
|
|
```
|
|
msf > use auxiliary/scanner/http/http_header
|
|
msf auxiliary(http_header) > show options
|
|
|
|
Module options (auxiliary/scanner/http/http_header):
|
|
|
|
Name Current Setting Required Description
|
|
---- --------------- -------- -----------
|
|
HTTP_METHOD HEAD yes HTTP Method to use, HEAD or GET (Accepted: GET, HEAD)
|
|
IGN_HEADER Vary,Date,Content-Length,Connection,Etag,Expires,Pragma,Accept-Ranges yes List of headers to ignore, separated by comma
|
|
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
|
RHOSTS yes The target address range or CIDR identifier
|
|
RPORT 80 yes The target port (TCP)
|
|
SSL false no Negotiate SSL/TLS for outgoing connections
|
|
TARGETURI / yes The URI to use
|
|
THREADS 1 yes The number of concurrent threads
|
|
VHOST no HTTP server virtual host
|
|
|
|
msf auxiliary(http_header) > set RHOSTS 192.168.56.101
|
|
RHOSTS => 192.168.56.101
|
|
msf auxiliary(http_header) > run
|
|
|
|
[+] 192.168.56.101:80 : CONTENT-TYPE: text/html
|
|
[+] 192.168.56.101:80 : SERVER: Apache/2.2.8 (Ubuntu) DAV/2
|
|
[+] 192.168.56.101:80 : X-POWERED-BY: PHP/5.2.4-2ubuntu5.10
|
|
[+] 192.168.56.101:80 : detected 3 headers
|
|
[*] Scanned 1 of 1 hosts (100% complete)
|
|
[*] Auxiliary module execution completed
|
|
msf auxiliary(http_header) >
|
|
|
|
```
|