Nmap url-snarf NSE Script

Script Overview

---

Script source code: https://github.com/nmap/nmap/tree/master/scripts/url-snarf.nse
Script categories: safe
Target service / protocol: -
Target network port(s): -
List of CVEs: -

Script Description

---

The url-snarf.nse script sniffs an interface for HTTP traffic and dumps any URLs, and their originating IP address. Script output differs from other script as URLs are written to stdout directly. There is also an option to log the results to file.

The script can be limited in time by using the timeout argument or run until a ctrl+break is issued, by setting the timeout to 0.

Url-snarf NSE Script Arguments

---

This is a full list of arguments supported by the url-snarf.nse script:

url-snarf.interface

Interface on which to sniff (overrides -e)

url-snarf.nostdout

Doesn't write any output to stdout while running

url-snarf.outfile

Filename to which all discovered URLs are written

url-snarf.timeout

Runs the script until the timeout is reached. a timeout of 0s can be used to run until ctrl+break. (default: 30s)

- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:

nmap --script=url-snarf --script-args url-snarf.interface=value,url-snarf.nostdout=value <target>

Url-snarf NSE Script Example Usage

---

Here's an example of how to use the url-snarf.nse script:

nmap --script url-snarf -e <interface>

Url-snarf NSE Script Example Output

---

Here's a sample output from the url-snarf.nse script:

| url-snarf:
|_  Sniffed 169 URLs in 5 seconds

Url-snarf NSE Script Example XML Output

---

There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.

Author

---

• Patrik Karlsson

References

---

• https://nmap.org/nsedoc/scripts/url-snarf.html
• https://github.com/nmap/nmap/tree/master/scripts/url-snarf.nse

See Also

---

Visit Nmap NSE Library for more scripts.

The url-snarf.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.

n ERROR: Failed to open outfile (%s)

---

Here is a relevant code snippet related to the "n ERROR: Failed to open outfile (%s)" error message:

105:	  local counter = 0
106:	
107:	  if ( arg_outfile ) then
108:	    local outfd = io.open(arg_outfile, "a")
109:	    if ( not(outfd) ) then
110:	      return ("\n  ERROR: Failed to open outfile (%s)"):format(arg_outfile)
111:	    end
112:	    outfd:close()
113:	  end
114:	
115:	  local socket = nmap.new_socket()