I am trying to scan the Robtex database with Nmap:

    nmap --script http-robtex-reverse-ip <target>

But since Robtex updated its website, the Nmap script no longer works.
The new Robtex HTML structure is like this:

    <div class="xsha">
      <div>
        <div>
          <h3>
            <span id="sharedn.b446331/_ma">Pointing to this IP number</span>
          </h3>
        </div>
        <ol class="xbul">
          <li>domain1</li>
          <li>domain2</li>
          <li>domain3</li>
          <li>domain...</li>
        </ol>
      </div>
    </div>

I have changed my Nmap script, but it is not working.

    local http = require "http"
    local ipOps = require "ipOps"
    local stdnse = require "stdnse"
    local table = require "table"

    -- Extract the <li> entries that follow the "sharedn" span.
    function parse_robtex_response(data)
      local data = data:match("<span id=\"sharedn\">.-<ol.->(.-)</ol>")
      local result = {}
      if data then
        for domain in data:gmatch("<li[^>]*>(.-)</li>") do
          -- Strip any tags nested inside the list item.
          domain = domain:gsub("<[^>]+>","")
          table.insert(result, domain)
        end
      end
      return result
    end

    -- Run only when the script argument with the target address is given.
    prerule = function() return stdnse.get_script_args("http-robtex-reverse-ip.host") ~= nil end

    action = function(host, port)
      local target = stdnse.get_script_args("http-robtex-reverse-ip.host")
      local ip = ipOps.ip_to_str(target)
      -- A packed IPv4 address is exactly 4 bytes long.
      if ( not(ip) or #ip ~= 4 ) then
        return stdnse.format_output(false, "The argument \"http-robtex-reverse-ip.host\" did not contain a valid IPv4 address")
      end
      local link = "/ip-lookup/"..target..""
      local htmldata = http.get("www.robtex.com", 443, link, {any_af=true})
      local domains = parse_robtex_response(htmldata.body)
      if ( #domains > 0 ) then
        return stdnse.format_output(true, domains)
      end
    end

How to fix this issue?
This will probably break again next time we change the webpage. Instead of scraping our site, it would be better to use the quite new free API (https://www.robtex.com/api/). It is safer, faster, and easier to parse.
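
Why the parser in the question returns nothing, shown as an added example that is not part of the original posts or of the Nmap script: the pattern requires the id attribute to be exactly `sharedn`, while the quoted markup has `sharedn.b446331/_ma`. This is standalone Lua with no Nmap libraries; the relaxed pattern, the sample domain names and the nested `<b>` tag are assumptions built from the markup in the question, so it remains tied to that markup and breaks when the page changes, as the answer points out.

```lua
-- SAMPLE is constructed from the HTML quoted in the question; the domain
-- names and the nested <b> tag are made up to exercise the tag stripping.
local SAMPLE = [[
<div class="xsha">
<div>
<div>
<h3>
<span id="sharedn.b446331/_ma">Pointing to this IP number</span>
</h3>
</div>
<ol class="xbul">
<li>domain1.example</li>
<li> <b>domain2.example</b> </li>
</ol>
</div>
</div>
]]

-- Pattern from the question: the id must be exactly "sharedn".
local OLD = '<span id="sharedn">.-<ol.->(.-)</ol>'
-- Relaxed pattern (assumption): any suffix after "sharedn" inside the quotes.
local NEW = '<span id="sharedn[^"]*">.-<ol[^>]*>(.-)</ol>'

local function parse_robtex_response(body, pattern)
  local result = {}
  -- A failed request may carry no body; treat that as "no data".
  if type(body) ~= "string" then return result end
  local list = body:match(pattern)
  if not list then return result end
  for item in list:gmatch("<li[^>]*>(.-)</li>") do
    -- Strip nested tags, then trim whitespace. The parentheses drop
    -- gsub's second return value (the substitution count).
    local domain = (item:gsub("<[^>]+>", "")):match("^%s*(.-)%s*$")
    if domain ~= "" then result[#result + 1] = domain end
  end
  return result
end

-- Number of domains found with the old pattern, then the domains found
-- with the relaxed one, then the count for a missing body.
print(#parse_robtex_response(SAMPLE, OLD))
for _, d in ipairs(parse_robtex_response(SAMPLE, NEW)) do print(d) end
print(#parse_robtex_response(nil, NEW))
```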