Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] HTTP TRACE script
From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Sat, 1 Sep 2007 22:12:21 -0500
On 9/1/07, Kris Katterjohn <katterjohn () gmail com> wrote:


I wrote:


I've attached an NSE script which sends an HTTP TRACE command to a
server and examines the response for modifications.



In what Brandon calls poor form, I'm replying to myself:

I missed something that never came up in initial testing, but showed up
twice in one scan (-iR 5000) this morning: a host sending a 200 OK, but
actually being a 400-level error HTML message with no trace.

After rescanning the guilty hosts with the attached script and using
--script-trace, it seems to work fine.

I attached the copy so you can test it out without patching, but here's
the diff:



In what Brandon would probably call extremely poor form, I'm replying to
myself again :)

I've applied a modified script to SVN, which should be better.  It only
prints the modifications from the request, and only prints, at most, the
first 5 additional lines of it.  Also, it's only in the "discovery" category
rather than in "safe" too.

Thanks,
Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]