Mwebfp

Description

The basic operation of mwebfp consists of the processing of an input (targets and TCP ports) that is then used to identify open web server ports with the help of a powerful portscanner (nmap).

All ports found open are then analyzed (on HTTP and HTTPS) and all relevant webserver information is recorded, as well as a screenshot of the rendered webpage (as if it is seen from a broswer).

Usage

Syntax

mwebfp [-h] [-d] [-i INPUT_RANGE | -n SERVER_NAME | -f INPUT_FILE | -r] [-p HTTP_PORTS] [-s HTTPS_PORTS] [-o OUTPUT_DIR] [-t {HTML,XLS,CSV,XML}] [-v {yes,no}] [-w {yes,no}]

Options

  -h, --help            show this help message and exit
  -d, --debug           show debugging info
  -i INPUT_RANGE, --input-range INPUT_RANGE
                        input IP CIDR range
  -n SERVER_NAME, --server-name SERVER_NAME
                        name of server (DNS name)
  -f INPUT_FILE, --input-file INPUT_FILE
                        input file containing IP addresses and/or IP ranges
  -r, --recover         recover/continue previous process
  -p HTTP_PORTS, --http-ports HTTP_PORTS
                        TCP HTTP ports (Default: 80/tcp)
  -s HTTPS_PORTS, --https-ports HTTPS_PORTS
                        TCP HTTPS ports (Default: 443/tcp)
  -o OUTPUT_DIR, --output-dir OUTPUT_DIR
                        working directory
  -t {HTML,XLS,CSV,XML}, --output-format {HTML,XLS,CSV,XML}
                        output report format (Default: HTML)
  -v {yes,no}, --vhosts {yes,no}
                        choice of processing vhosts for each IP address
                        (Default: no)
  -w {yes,no}, --web-screenshots {yes,no}
                        choice of taking web schreenshots (Default: no)

Example

cyborg@cyborg:~$ sudo mwebfp -i 192.168.1.12 -o Output -w yes -v no
Creating output directory:  Output
Loaded 1 IP addresses to scan
IP Address = 192.168.1.12
   NMap heavylifting ... (please be patient)
   Processing port 80	->	open
      Capturing screenshot ...  Done.
   Processing port 443	->	closed
Done. Go check your report file !


cyborg@cyborg:/pentest/web/mwebfp-master/Output$ ls
mwebfp-capture---http-192.168.1.12-NoHostname-p80.png  mwebfp-Output.csv
mwebfp-nmap-192.168.1.12.txt
cyborg@cyborg:/pentest/web/mwebfp-master/Output$ cat mwebfp-nmap-192.168.1.12.txt 
# Nmap 6.40 scan initiated Mon Oct  5 10:09:25 2015 as: nmap -oX - -sT -P0 -vvv -n -T4 -oN Output/mwebfp-nmap-192.168.1.12.txt --script=http-favicon --script=http-headers --script=http-methods --script=http-title -p80,443 192.168.1.12
Nmap scan report for 192.168.1.12
Host is up (0.000074s latency).
Scanned at 2015-10-05 10:09:25 IST for 0s
PORT    STATE  SERVICE
80/tcp  open   http
| http-headers: 
|   Date:           Mon, 05 Oct 2015 04:39:25 GMT
|   Server:         Apache/2.4.7 (Ubuntu)
|   Last-Modified:  Tue, 30 Sep 2014 04:50:44 GMT
|   ETag:           "2cf6-50441203ff100"
|   Accept-Ranges:  bytes
|   Content-Length: 11510
|   Vary:           Accept-Encoding
|   Connection:     close
|   Content-Type:   text/html
|   
|_(Request type: HEAD)
|_http-methods:     GET HEAD POST OPTIONS
|_http-title:       Apache2 Ubuntu Default Page: It works
443/tcp closed https

Read data files from: /usr/bin/../share/nmap
# Nmap done at Mon Oct  5 10:09:25 2015 -- 1 IP address (1 host up) scanned in 0.13 seconds




		
	
	
0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?