Nmap http-internal-ip-disclosure NSE Script


This page contains detailed information about how to use the http-internal-ip-disclosure NSE script. For list of all NSE scripts, visit the Nmap NSE Library.

Script Overview

Script source code: https://github.com/nmap/nmap/tree/master/scripts/http-internal-ip-disclosure.nse
Script categories: vuln, discovery, safe
Target service / protocol: http, https
Target network port(s): 80, 443, 631, 7080, 8080, 8443, 8088, 5800, 3872, 8180, 8000
List of CVEs: -

Script Description

The http-internal-ip-disclosure.nse script determines if the web server leaks its internal IP address when sending an HTTP/1.0 request without a Host header.

Some misconfigured web servers leak their internal IP address in the response headers when returning a redirect response. This is a known issue for some versions of Microsoft IIS, but affects other web servers as well.

Http-internal-ip-disclosure NSE Script Arguments

This is a full list of arguments supported by the http-internal-ip-disclosure.nse script:

http-internal-ip-disclosure.path

Path to URI. Default: /

- - -
To use this script argument, add it to Nmap command line like in this example:

nmap --script=http-internal-ip-disclosure --script-args http-internal-ip-disclosure.path=value <target>

Http-internal-ip-disclosure NSE Script Example Usage

Here's an example of how to use the http-internal-ip-disclosure.nse script:

nmap --script http-internal-ip-disclosure <target>

nmap --script http-internal-ip-disclosure --script-args http-internal-ip-disclosure.path=/path <target>

Http-internal-ip-disclosure NSE Script Example Output

Here's a sample output from the http-internal-ip-disclosure.nse script:

80/tcp open  http    syn-ack
| http-internal-ip-disclosure:
|_  Internal IP Leaked: 10.0.0.2

Http-internal-ip-disclosure NSE Script Example XML Output

Here's a sample XML output from the http-internal-ip-disclosure.nse script produced by providing the -oX <file> Nmap option:

 <elem key="Internal IP Leaked">10.0.0.2</elem>

Author

  • Josh Amishav-Zlatin

References

See Also

Visit Nmap NSE Library for more scripts.

Version

This page has been created based on Nmap version 7.92.