Nmap Development mailing list archives

Re: Fix for HTTP_open_proxy.nse
From: Vlatko Kosturjak <kost () linux hr>
Date: Fri, 03 Oct 2008 09:28:26 +0200

Hello Sven!

Thanks for your comments!

Sven Klemm wrote:
> I think it's not necessary to do regular expression-matching here as
> the service field can only have values from either nmap-services or
> nmap-service-probes. A better fix for the portrule is probably
>
> portrule = shortport.port_or_service({3128,8000,8080},{'squid-http','http-proxy'})

If you take a look at the original source, it checked for the following:

if (port.number == 3128 or port.number == 8080 or
    port.service == "http-proxy" or port.service == "squid-proxy" or
    port.service == "squid-proxy?")

So, it checked for "squid-proxy" and "squid-proxy?". Your suggestion
wouldn't detect that (it's probably an older version of the squid detection
display). Not sure if we need that, but just want to make sure we don't
miss anything.

Also, does the portrule you suggested detect "squid-http?" and "http-proxy?"?

Let me know your thoughts, so I can write a new patch according to our
discussion.

Thanks in advance!

Kost

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
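
The two port rules discussed in this message, compared side by side as an added example (not part of the original post and not Nmap's own code). It assumes `port_or_service` below as a simplified stand-in for `shortport.port_or_service` that does exact matching on port number or service name only; the sample port tables are constructed, and whether Nmap ever places a trailing "?" in `port.service` is left open, as in the message.

```lua
-- Added example: stand-alone Lua, runs without Nmap.
-- Simplified stand-in for shortport.port_or_service (assumption): exact
-- match on port number or service name; protocol and state checks omitted.
local function port_or_service(ports, services)
  return function(host, port)
    for _, n in ipairs(ports) do
      if port.number == n then return true end
    end
    for _, s in ipairs(services) do
      if port.service == s then return true end
    end
    return false
  end
end

-- Condition quoted from the original script.
local function original_rule(host, port)
  return port.number == 3128 or port.number == 8080
    or port.service == "http-proxy"
    or port.service == "squid-proxy"
    or port.service == "squid-proxy?"
end

-- Portrule suggested in the quoted reply.
local suggested_rule =
  port_or_service({3128, 8000, 8080}, {"squid-http", "http-proxy"})

-- Constructed port tables. Port 9999 is in neither rule's port list, so
-- for those rows only the service string decides the outcome.
local samples = {
  {number = 9999, service = "http-proxy"},
  {number = 9999, service = "http-proxy?"},
  {number = 9999, service = "squid-http"},
  {number = 9999, service = "squid-http?"},
  {number = 9999, service = "squid-proxy"},
  {number = 9999, service = "squid-proxy?"},
  {number = 8000, service = "unknown"},
}

print(string.format("%-6s %-14s %-9s %s", "port", "service", "original", "suggested"))
for _, port in ipairs(samples) do
  print(string.format("%-6d %-14s %-9s %s", port.number, port.service,
    tostring(original_rule(nil, port)), tostring(suggested_rule(nil, port))))
end
```

Because both rules compare strings exactly, any name carrying a "?" suffix matches only where that exact string is listed, which is the gap the two questions above are probing.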

