May 2017
Intermediate to advanced
416 pages
21h 33m
English
The script http-cross-domain-policy has the functionality of automatically looking up the availability of the trusted domains obtained from the cross-domain and client access policies. An available trusted domain can be obtained to bypass the cross-domain or client access policy restrictions and implied trusted relationships abused to obtain sensitive information. The script argument http-cross-domain-policy.domain-lookup can be set to perform this query automatically:
$ nmap --script http-cross-domain-policy --script-args http-cross-domain-policy.domain-lookup=true <target>
Read now
Unlock full access