mailing list archives
Re: Nmap NSE: Bad Behaviour
From: jah <jah () zadkiel plus com>
Date: Fri, 30 May 2008 15:26:45 +0100
So first off, my suggestion to change the user-agent to firefox was
tongue-in-cheek - I'm sure that was apparent, but I thought I'd better
emphasise it in case it gets misconstrued.
Second, I hadn't properly looked into bad-behaviour when I posted. It
turns out not to be a database and I've not got the Nmap NSE user agent
added to one. Bad-behaviour is a php application that performs tests on
the HTTP request to block link-spamming. After looking at the source, I
saw that the trigger was my Range header value:
which failed a test, the comment for which reads:
// Range: field exists and begins with 0
// Real user-agents do not start ranges at 0
so I changed my Range to begin at 1 and all was cool again.
I agree with Benson that we shouldn't, by default, spoof the user-agent
for Nmap NSE, but I do like the idea of being able to specify either a
random or a particular user-agent from a range of common ones as well as
the ability to specify an arbitrary one on the command-line for scripts
using the http library. I think a combination of Brandon's and Kris'
ideas would be cool.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org