This repository has been archived by the owner on Dec 6, 2023. It is now read-only.

HTTP Command Reference

mpgn edited this page Apr 28, 2020 · 2 revisions

HTTP: Command Reference

Updated: 04/29/20
CME Version: 5.0.1dev

This module was removed in version 5 of CME.

The following use cases assume you have a Kali Linux host connected to an internal network.
For the examples it is also assumed hosts are within a 192.168.1.0/24 IP space.

Own stuff using HTTP

Requires phantomjs. If you installed via apt-get, remove that version first, then install from the website.

>wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2
>tar xvjf phantomjs-2.1.1-linux-x86_64.tar.bz2
>mv phantomjs-2.1.1-linux-x86_64/bin/phantomjs /bin/
>phantomjs -v

Mapping/Enumeration

Identify HTTP(S) Servers and Fingerprint

Returns a list of live web servers and their banners.
Defaults to checking ports 80, 443, 8443, 8008, 8080, 8081.

#~ cme http 192.168.1.0/24

Expected Results:

HTTP        192.168.1.117    8080   192.168.1.117     [*] http://192.168.1.117:8080/ (Server: Apache-Coyote/1.1) (Page Title: Apache Tomcat)
HTTP        192.168.1.117    80     192.168.1.117     [*] http://192.168.1.117/install/login (Server: Apache/2.4.18 (Ubuntu)) (Page Title: HackME)
HTTP        192.168.1.120    80     192.168.1.120     [*] http://192.168.1.120/default.html (Server: IIS/8.5 (ASP.NET)) (Page Title: Welcome)
HTTP        192.168.1.125    443    192.168.1.125     [*] https://192.168.1.125/ (Server: Jetty/8.0 ()) (Page Title: QuickStart)

Specify Ports

List the ports after the --port switch, separated by spaces.

#~ cme http 192.168.1.0/24 --port 80 81 82 8080

Specify Protocol - Not working 8/29/18

By default it checks both http and https, but you can specify either http or https.

#~ cme http 192.168.1.0/24 --transports http


Screenshot WebPages

Takes a screenshot of the landing page and saves it in "~/.cme/logs" (/root/.cme/logs in the example below) as IP:Port_Year-month-day_time.png

#~ cme http 192.168.1.117 --port 80 81 82 8080 --screenshot
HTTP        192.168.1.117    8080   192.168.1.117     [*] http://192.168.1.117:8080/ (Server: Apache-Coyote/1.1) (Page Title: Apache Tomcat)
HTTP        192.168.1.117    80     192.168.1.117     [*] http://192.168.1.117/install/login (Server: Apache/2.4.18 (Ubuntu)) (Page Title: HackME)
HTTP        192.168.1.117    8080   192.168.1.117     [+] Screenshot stored at /root/.cme/logs/192.168.1.117:8080_2018-08-29_093828.png
HTTP        192.168.1.117    80     192.168.1.117     [+] Screenshot stored at /root/.cme/logs/192.168.1.117:80_2018-08-29_093828.png
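
To turn the banner and screenshot lines shown above into a per-service inventory, the output can be parsed as follows. This is an added example, not part of CME or of the original page; the function name `parse_cme_http` and the record field names are assumptions, and the sample input is copied from the output on this page.

```python
import re
from datetime import datetime

# Sample input: result lines copied from the output shown on this page.
SAMPLE = """\
HTTP        192.168.1.117    8080   192.168.1.117     [*] http://192.168.1.117:8080/ (Server: Apache-Coyote/1.1) (Page Title: Apache Tomcat)
HTTP        192.168.1.117    80     192.168.1.117     [*] http://192.168.1.117/install/login (Server: Apache/2.4.18 (Ubuntu)) (Page Title: HackME)
HTTP        192.168.1.125    443    192.168.1.125     [*] https://192.168.1.125/ (Server: Jetty/8.0 ()) (Page Title: QuickStart)
HTTP        192.168.1.117    8080   192.168.1.117     [+] Screenshot stored at /root/.cme/logs/192.168.1.117:8080_2018-08-29_093828.png
"""

# Common prefix: protocol, host, port, name, then a [*] or [+] status marker.
PREFIX = re.compile(
    r"^HTTP\s+(?P<host>\S+)\s+(?P<port>\d+)\s+\S+\s+\[(?P<mark>[*+])\]\s+(?P<rest>.*)$")
# Banner: greedy Server match so nested parentheses such as "(Ubuntu)" survive.
BANNER = re.compile(
    r"^(?P<url>\S+) \(Server: (?P<server>.*)\) \(Page Title: (?P<title>.*)\)$")
# Screenshot file name follows IP:Port_Year-month-day_time.png
SHOT = re.compile(
    r"^Screenshot stored at (?P<path>.*/[^/:]+:\d+_(?P<ts>\d{4}-\d{2}-\d{2}_\d{6})\.png)$")

def parse_cme_http(text):
    """Return {(host, port): record} built from banner and screenshot lines."""
    inventory = {}
    for line in text.splitlines():
        m = PREFIX.match(line.strip())
        if not m:
            continue  # not a cme http result line
        rec = inventory.setdefault((m["host"], int(m["port"])), {})
        banner = BANNER.match(m["rest"])
        shot = SHOT.match(m["rest"])
        if m["mark"] == "*" and banner:
            rec.update(url=banner["url"], server=banner["server"],
                       title=banner["title"])
        elif m["mark"] == "+" and shot:
            rec["screenshot"] = shot["path"]
            rec["captured"] = datetime.strptime(shot["ts"], "%Y-%m-%d_%H%M%S")
    return inventory

if __name__ == "__main__":
    for (host, port), rec in sorted(parse_cme_http(SAMPLE).items()):
        print(host, port, rec.get("server"), rec.get("title"),
              rec.get("screenshot"))
```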