Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Nmap NSE: Bad Behaviour
From: jah <jah () zadkiel plus com>
Date: Fri, 30 May 2008 15:26:45 +0100

Hi again,

So first off, my suggestion to change the user-agent to firefox was
tongue-in-cheek - I'm sure that was apparent, but I thought I'd better
emphasise it in case it gets misconstrued.

Second, I hadn't properly looked into bad-behaviour when I posted.  It
turns out not to be a database and I've not got the Nmap NSE user agent
added to one.  Bad-behaviour is a php application that performs tests on
the HTTP request to block link-spamming.  After looking at the source, I
saw that the trigger was my Range header value:
Range: bytes=0-15
which failed a test, the comment for which reads:
// Range: field exists and begins with 0
// Real user-agents do not start ranges at 0

so I changed my Range to begin at 1 and all was cool again.

I agree with Benson that we shouldn't, by default, spoof the user-agent
for Nmap NSE, but I do like the idea of being able to specify either a
random or a particular user-agent from a range of common ones as well as
the ability to specify an arbitrary one on the command-line for scripts
using the http library.  I think a combination of Brandon's and Kris'
ideas would be cool.



Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]