Source: Pentest Geek
In this article “Recently I was conducting a penetration test for a very large high profile client. The network itself had over 5500+ nodes and nearly 400 subnets. I started out using one of my new tactics by utilizing Nmap’s new http-screenshot.nse script. If you haven’t had a chance to check it out; I highly suggest you do, its the new hotness. The NSE script essentially allows you to scan a network with nmap and take a screenshot of every webpage at the same time. Tutorials on how to use the script can be found on Pentest Geek here, or on Trustwave’s site here.
Normally when looking over all of the webpage screenshots I’m typically conscious of items like Apache tomcat servers with default creds, Jboss servers that expose the jmx-console, printers that have internal document servers holding confidential data, etc, etc…
I had never seen it before, and all it offered was a login form for a username and password. This application definitely appeared to be custom made, and we all know custom made applications are put on a budget to complete. Projects on a budget often times are focused on functionality and not security.