description = [[
Fetch the BFK.de database to retrieve a list of what is also hosted on the target.
The script creates a one-entry-per-line file which can be used with other security tools.
Be advised that
'Scripts [like this one] may send data to a third-party database or other network resource. 
An example of this is [this script], which makes a connection to [BFK.de] servers to learn [who is also hosted on] the target. 
There is always the possibility that operators of the third-party database will record anything you send to them, 
which in many cases will include your IP address and the address of the target.'
See http://nmap.org/book/nse-usage.html#nse-categories, "external"
]]

-- @output
-- Host script results:
-- | hostmap: (results from bfk.de database)
-- | insecure.org
-- | 74.207.254.18
-- | web.insecure.org
-- | images.insecure.org
-- | lists.insecure.org
-- | www.insecure.org
-- | nmap.org
-- | sectools.org
-- | mirror.sectools.org
-- | seclists.org
-- |_(file created: ./hostmap-for-74-207-254-18.nmap)


author = "Ange Gutek <ange.gutek@gmail.com>"

license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

categories = {"external,discovery,safe"}

require "http"
require "stdnse"

hostrule = function(host)
if host.ip then
	      return true
else 
return false
end

end

action = function(host)
local query = "/bfk_dnslogger.html?query="..host.ip
local response = http.get("www.bfk.de", "80", query)

local hostmap = "(results from bfk.de database)\n"
local t = {}
local host_list ={}
local filehostmap = "hostmap-for-"..string.gsub(host.ip,"%.","-")..".nmap"
t = stdnse.strsplit("href", response.body)
io.output(io.open(filehostmap,"w"))
for i,k in ipairs(t) do 
		      local entry = string.match (k,"sult\">(.-)</a>") -- capture the hostname

		      if entry ~= nil then 
				      -- Checks if the captured host is already in the table
				      local exists = false
				      for i,k in ipairs(host_list) do
								    if entry == k then
										    exists = true
								    end
				      end
				      if not exists then
						    table.insert(host_list, entry)

				      end
				      -- ----------


		    end
end

-- Build the output string
for i,k in ipairs(host_list) do
hostmap = hostmap..k.."\n"
io.write(k.."\n")

end
-- -----------------------


io.close()
hostmap = hostmap.."(file created: ./"..filehostmap..")"
return hostmap

end