Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: http-barracuda-dir-traversal.nse
From: Brendan Coles <bcoles () gmail com>
Date: Wed, 15 Jun 2011 15:10:35 +1000

Updated script attached. I've looped the config matching and changed the
portrule to port_or_service (8000, "barracuda", {"tcp"})



On Wed, Jun 15, 2011 at 11:19 AM, David Fifield <david () bamsoftware com>wrote:

On Fri, Jun 10, 2011 at 11:21:00AM +1000, Brendan Coles wrote:
Version 0.2 is attached which implements the suggested changes.

A user count is provided, a reference to the full disclosure post was
added
and error handling was improved.

This looks good to me. Could someone commit it when possible?

The only thing that really stands out to me is the repeated code that
gets the configuration values--could that be transformed into a loop
over a table of variable names?

Perhaps it should run only if service detection finds a Barracuda
device? The benefits are that we could make this script default without
causing extra traffic to other types of web servers. The downside is
that we'll not detect a vulnerability if version detection fails. I
think there's something to be said for making scripts like this run by
default when they can be reasonably limited. Otherwise they may exist
but never get used except in special circumstances.

David Fifield

Attachment: http-barracuda-dir-traversal.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]