Data center: Ashburn, VA

Telegram Chat : MBHH_x86

Email Us: Help@mobilehackerforhire.com

Mobile Hacker For Hire, hire a hacker, hiring a hacker, hacker with proof

Nmap Development: Re: NMAP Scan help

Table of Contents





From: thanatos thanatos via dev <dev () nmap org>
Date: Fri, 3 Feb 2023 20:14:41 +0000 (UTC)


Thank you so much for all of your help

Sent from Yahoo Mail on Android 
 
  On Fri, Feb 3, 2023 at 12:44 PM, Robin Wood<robin@digi.ninja> wrote:   Yes, the JavaScript is sent to the browser as 
part of the "web page package".
This is a page on my site:
https://digi.ninja/projects/authlab.php

As part of it, it uses this bit of HTML:

<script src="/javascript/authlab.js"></script>

To load this JavaScript file:
https://digi.ninja/javascript/authlab.js

The JS file is public and accessible to anyone who browses to it. If it wasn't, then when the browser tried to download 
it, it would fail, and my page would not work as it should.
Try it on almost any site. Browse to it and then do a "view source". Look through for mentions of included scripts, you 
can then browse to those and see their contents.
Anything that has to be run in a browser has to be able to be downloadable from the server and therefore is fully 
visible to anyone who wants to see it.
You should never put secret stuff in anything that has to go to the client.
If you are specifically meaning there are comments in the JS file that shouldn't be seen, just tell the developer to 
remove them. They won't affect anything as comments are just that, comments.

Robin

On Fri, 3 Feb 2023, 18:22 thanatos thanatos, <thanatos_ps () yahoo com> wrote:

I am talking about running a scan from the outside on port 443. It shows my clients information 

Sent from Yahoo Mail on Android 
 
  On Thu, Feb 2, 2023 at 10:08 AM, Robin Wood<robin@digi.ninja> wrote:   JavaScript is sent to the client as part of 
the way the web works and so can't be blocked or hidden. If you stop sending it then whatever bits of the site rely on 
it will stop working.
Nothing should be considered secret in client side JavaScript.
Robin
On Thu, 2 Feb 2023, 15:48 thanatos thanatos via dev, <dev () nmap org> wrote:

I have a question.When I run MAP It displays the javascript comments for the site being scanned. This is a concern for 
the client as this code has proprietary information. The client is asking if something can be done on their side to 
prevent this information from being displayed as a part of the NMAP scan?
Thank UThanatos _______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at https://seclists.org/nmap-dev/
  

  
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at https://seclists.org/nmap-dev/




Current thread:

  • NMAP Scan help thanatos thanatos via dev (Feb 02)
    • Message not available
      • Re: NMAP Scan help thanatos thanatos via dev (Feb 03)
        • Message not available
        • Re: NMAP Scan help thanatos thanatos via dev (Feb 03)

Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected !!