2020-04-13 17:10:54 +02:00
|
|
|
# Description
|
|
|
|
|
2020-04-23 01:18:37 +02:00
|
|
|
A python tool which scans for HTTP servers and finds given strings in HTTP body
|
|
|
|
and HTTP response headers.
|
2020-04-13 17:10:54 +02:00
|
|
|
|
|
|
|
# Usage
|
|
|
|
|
|
|
|
```
|
|
|
|
$ httpgrep -H
|
2020-04-22 22:34:56 +02:00
|
|
|
__ __ __
|
|
|
|
/ /_ / /_/ /_____ ____ _________ ____
|
|
|
|
/ __ \/ __/ __/ __ \/ __ `/ ___/ _ \/ __ \
|
|
|
|
/ / / / /_/ /_/ /_/ / /_/ / / / __/ /_/ /
|
|
|
|
/_/ /_/\__/\__/ .___/\__, /_/ \___/ .___/
|
|
|
|
/_/ /____/ /_/
|
2020-04-13 17:10:54 +02:00
|
|
|
|
2020-04-22 22:34:56 +02:00
|
|
|
--== [ by nullsecurity.net ] ==--
|
2020-04-13 17:10:54 +02:00
|
|
|
|
|
|
|
usage
|
|
|
|
|
2020-04-13 17:17:56 +02:00
|
|
|
httpgrep -h <args> -s <arg> [opts] | <misc>
|
2020-04-13 17:10:54 +02:00
|
|
|
|
|
|
|
opts
|
|
|
|
|
|
|
|
-h <hosts|file> - single host or host-range/cidr-range or file containing
|
2021-04-11 23:12:56 +02:00
|
|
|
hosts or file containing URLs, e.g.: foobar.net,
|
|
|
|
192.168.0.1-192.168.0.254,
|
2020-04-13 17:10:54 +02:00
|
|
|
192.168.0.0/24, /tmp/hosts.txt
|
2021-04-12 02:06:59 +02:00
|
|
|
NOTE: hosts can also contain ':<port>' on cmdline or in
|
|
|
|
file.
|
2021-04-11 23:12:56 +02:00
|
|
|
-p <port> - port to connect to (default: 80 if hosts were given)
|
2020-04-13 17:10:54 +02:00
|
|
|
-t - use TLS/SSL to connect to service
|
|
|
|
-u <URI> - URI to search given strings in, e.g.: /foobar/, /foo.html
|
|
|
|
(default /)
|
|
|
|
-s <string|file> - a single string or multile strings in a file to find in
|
2020-04-24 06:35:42 +02:00
|
|
|
given URIs and HTTP response headers, e.g.: 'tomcat 8',
|
|
|
|
'/tmp/igot0daysforthese.txt'
|
2021-04-12 02:06:59 +02:00
|
|
|
-X <method> - specify HTTP request method to use (default: get).
|
|
|
|
use '?' to list available methods.
|
|
|
|
-U <useragent> - set custom user-agent (default: firefox, rv84, windows)
|
2020-04-24 06:35:42 +02:00
|
|
|
-S <where> - search strings in given places (default: headers,body)
|
2020-04-13 17:10:54 +02:00
|
|
|
-b <bytes> - num bytes to read from response. offset == response[0].
|
|
|
|
(default: 64)
|
2020-04-24 06:35:42 +02:00
|
|
|
-x <threads> - num threads for concurrent checks (default: 80)
|
2021-04-11 23:12:56 +02:00
|
|
|
-c <seconds> - num seconds for socket timeout (default: 3.0)
|
2020-04-13 17:10:54 +02:00
|
|
|
-i - use case-insensitive search
|
2020-04-24 06:35:42 +02:00
|
|
|
-r - perform reverse dns lookup for given IPv4 addresses
|
|
|
|
-l <file> - log urls and found strings to file
|
2020-04-13 17:10:54 +02:00
|
|
|
-v - verbose mode (default: quiet)
|
|
|
|
|
|
|
|
misc
|
|
|
|
|
|
|
|
-H - print help
|
|
|
|
-V - print version information
|
|
|
|
```
|
|
|
|
|
|
|
|
# Author
|
|
|
|
|
|
|
|
noptrix
|
|
|
|
|
|
|
|
# Notes
|
|
|
|
|
2020-04-14 00:47:52 +02:00
|
|
|
- quick'n'dirty code
|
2020-04-13 21:29:49 +02:00
|
|
|
- httpgrep is already packaged and available for [BlackArch Linux](https://www.blackarch.org/)
|
2020-04-14 10:40:02 +02:00
|
|
|
- My master-branches are always stable; dev-branches are created for current work.
|
2020-04-13 17:10:54 +02:00
|
|
|
- All of my public stuff you find are officially announced and published via [nullsecurity.net](https://www.nullsecurity.net).
|
|
|
|
|
2020-04-13 22:18:08 +02:00
|
|
|
# License
|
|
|
|
|
2020-04-13 22:19:10 +02:00
|
|
|
Check docs/LICENSE.
|
2020-04-13 22:18:08 +02:00
|
|
|
|
2020-04-13 17:10:54 +02:00
|
|
|
# Disclaimer
|
|
|
|
|
|
|
|
We hereby emphasize, that the hacking related stuff found on
|
|
|
|
[nullsecurity.net](http://nullsecurity.net) are only for education purposes.
|
|
|
|
We are not responsible for any damages. You are responsible for your own
|
|
|
|
actions.
|