Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: mod_jk vulnerability nse
From: knull <knull () leethack info>
Date: Fri, 13 May 2011 10:43:10 +0100

yes, that should do the same, it is a better, more simpler way, with
less additional code.

On 5/13/11, Gutek <ange.gutek () gmail com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 13/05/2011 00:19, knull a écrit :
I'd like to contribute a script to the nmap community, it detects
Apache servers with the vulnerable mod_jk version 1.2.20 module, i'm
interested in the community feedback. In any case it will be available
on my site leethack.info soon (I used http-headers.nse as a initial
template, so thanks to Ron Bowes).



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Hello,

Maybe (didn't check by myself) something like

table.insert(fingerprints, {
      category='attacks',
      probes={
              {path='/', method='HEAD'}
      },
      matches={
              {match='^Apache(.+Win32.+)mod_jk/1\.2\.20.*'},
              output='Apache \\1 mod_jk/1.2.20 (CVE-2007-0774)'}
      }
})

in http-fingerprints.lua could do the same, more simply ?

Regards,

A.G.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAk3MtIQACgkQ3aDTTO0ha7iSIwCeLWdkBRbENAe8iHE2s0sMR3Vg
2CYAnRiNb9vx7El6GJAtIJBsMbWfiDfv
=M0D3
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]