Home page logo
/

nmap-dev logo Nmap Development mailing list archives

[NSE] Improved TRACE/TRACK detection script
From: <Patrick.Bogen () foundstone com>
Date: Tue, 18 Oct 2011 11:02:44 -0700

Direct link to the script: http://opensecurityresearch.com/files/http-trace-track.nse
Article explaining the improvements: 
http://blog.opensecurityresearch.com/2011/10/updated-http-tracetrack-plugin-for-nmap.html

Summary:
        * both TRACE and TRACK
        * HTTP/1.1
        * semi-intelligent false positive reduction (compares TRACE/TRACK response to a valid GET response and an 
invalid/made up verb response; verb is only "supported" if the response is HTTP 200, and it differs from the GET 
response, and it differs from the invalid verb response.)

(p.s., please CC me on any replies; I'm not subscribed to the list. If this isn't the correct place to submit a script 
for inclusion, I apologize, and would appreciate any redirection to the proper place.)
--
Patrick Bogen
Consultant
Foundstone Professional Services

Follow Foundstone on Twitter: http://twitter.com/Foundstone
Incident Response & Forensics:  http://www.foundstone.com/IR

http://www.foundstone.com
http://www.mcafee.com
PGP Key: http://www.foundstone.com/us/pgpkeys/patrickbogen.asc
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • [NSE] Improved TRACE/TRACK detection script Patrick.Bogen (Oct 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault