This small script helps penetration testers to find all available http methods for a specific host.
#!/usr/bin/env bash
# define shell options
set -e
set -u
# define magic variables
declare -r FILE_NAME=$(basename "$0")
declare -r -i SUCCESS=0
declare -r -i NO_ARGS=84
declare -r -i BAD_ARGS=85
# usage function function
fc_usage() {
printf "Usage: %s -i <host>" "$FILE_NAME"
}
# error function function
fc_no_args() {
printf "Error: no arguments supplied\n"
exit "$NO_ARGS"
}
# check script arguments
if [ "$#" -eq 0 ]; then
fc_no_args
fi
while getopts "i:" OPTION; do
case "$OPTION" in
i)
HOST="$OPTARG";;
*)
fc_usage exit "$BAD_ARGS";;
esac
done
# show http method function
function fc_http_method() {
for METH in GET POST PUT TRACE CONNECT OPTIONS PROPFIND; do
printf "%s - " "$METH"
printf "$METH / HTTP/1.1\nHost: $HOST\n\n" | nc -w 1 $HOST 80 | grep "HTTP/1.1"
done
}
fc_http_method
exit "$SUCCESS"