Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Enhanced Version of HTTPtrace.nse
From: Fyodor <fyodor () insecure org>
Date: Fri, 14 Dec 2007 18:32:27 -0800

On Fri, Dec 14, 2007 at 08:15:08AM -0000, Rob Nicholls wrote:
Thanks Thomas, I've started adding support and a version I've got here
appears to work a lot better on Linux now.

However, has anyone got any good suggestions on how I can work out if a
server on port 443 isn't using https, but is actually using http?

Maybe just try it with plain HTTP and see if it works?  I don't think
it is all that uncommon for SSL servers to also accept unencrypted
requests (I'm not saying it is a good idea for them to do so, just
that I've seen it happy many times).

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]