Nmap Development: Re: Nmap NSE: Bad Behaviour

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Nmap Development mailing list archives

Re: Nmap NSE: Bad Behaviour

From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 30 May 2008 00:31:51 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brandon Enright wrote:

On Fri, 30 May 2008 04:02:11 +0100 or thereabouts jah
<jah () zadkiel plus com> wrote:
...snip...

There's always one that spoils it for the many, huh.  Sorry about
that.

May I suggest that the HTTP library user-agent be changed to:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.14)
Gecko/20080404 Firefox/2.0.0.14

In the meantime, I've uninstalled Nmap from my computer and I'm
contacting its author for assistance.

jah



That's too bad.  I'd like to suggest though that we /not/ just hijack
the Firefox user agent.  Instead, this is probably a perfect place for
us to make use of --script-args to provide an optional user agent
override.

Something like:

--script-args http-user-agent="whatever you want"

I'll hack this up in all my copious free time unless someone has a good
nay or alternative.


What about adding a function to the HTTP library to return a random user
agent?  There can be a table of, say, 8-10 user agents ranging from IE to
Firefox to Opera and with different OS's in the information.  And maybe a
generic name can be passed to the function to grab a specific browser's
user-agent data, like http.get_user_agent("Firefox") (although maybe that's
going overboard).

Then the HTTP library can use it, and anybody else using HTTP, but not the
library, can get it too.

Of course the --script-args option can still be used for extra flexibility.

Brandon


Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSD+RRf9K37xXYl36AQI5zxAAvNx/IZJkWPvqGvbe4VYUkA+BkWIGpRiB
K0/eTmzft04K1aaAVaBngwffcYlYjWnbMUYdIH5DU+WSuesfYMHt4OP3ZKens1pz
QBXihXjDWpfH3lmVrR0l70ilgvZpoddxfDj9rsZZSml/0x674ZNs+PXBiHqrvm8C
JLTPO/zQgGhExIoN2jPsMl998PHmAKqiICRZpMwtw/UUJGcxqWjJ5aePIl2Gktj9
WuuZf2y6Nf6Is533VUzzSzdzSVruVmWCeVXrbGNCyIINbRioFHisRG+tzYtjMIUM
pEMvNqcJzLZ5Uas+AptFU9JYDRF1WKSq9NgzOGt/M+KmX12HN9BZ4dnFfib6RbGu
jjuex2DkjXKkaLiivKiVNUaVF/pZWykyW5METtDtvbHcMkKMT+2ysxndQFz0w/X+
vmNXF/zxFmpyLYpfWDkE2Fg0Dfe01Kmzh6q6J5MVC5Iw+mwZmS7VdMYv8rwl3aff
WuxTIeX9oepEk8ZHYMV99wjgEj95R4P1v8A3MIgD1T8ejNZ5R3XyoB4kAJTEqWeC
YHxIUcgUSyao2wJ+DHEdgp+Z6tGamTyqZtPXgOfpdK4xvoSuYY8qVAfPghkmUxhf
nf2z36kpaWhzHN+3U3gvjyeujJWGHxq114xsXQcSL7NcaTBNjQAtFSaeCYMk6riv
k4ucaJZLooA=
=SXle
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

By Date By Thread

Current thread:

Nmap NSE: Bad Behaviour jah (May 29)
- Re: Nmap NSE: Bad Behaviour Brandon Enright (May 29)
  - Re: Nmap NSE: Bad Behaviour Kris Katterjohn (May 29)
    - Re: Nmap NSE: Bad Behaviour Kris Katterjohn (May 29)
    - Re: Nmap NSE: Bad Behaviour bensonk (May 29)
    - Re: Nmap NSE: Bad Behaviour jah (May 30)
    - Re: Nmap NSE: Bad Behaviour Fyodor (May 30)
    - Re: Nmap NSE: Bad Behaviour DePriest, Jason R. (Jun 09)