Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Patch for http-fingerprints and http-auth
From: Duarte Silva <duarte.silva () serializing me>
Date: Mon, 19 Dec 2011 10:21:46 +0000

On Sunday 18 December 2011 20:31:52 Patrik Karlsson wrote:
On Sun, Dec 18, 2011 at 7:18 PM, Duarte Silva

<duarte.silva () serializing me>wrote:
Hi,

added fingerprints for Apache Archiva and to some variations of
directories related with source code repositories.

Also added path and hostname arguments to http-auth (after running
http-enum I
wanted to check authenticated resources that weren't in the '/' path).

Regards,
Duarte Silva
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Thanks Duarte,

I committed the fingerprints and the changes I mentioned in http-auth the
other day.
They already had the path argument added and most of your changes.
I was a bit unsure of the request options though.
As far as I can tell, the header "Connection: close" was already being sent
and didn't need to be added.
In regards to the hostname argument, the http library already solves this
by checking the name specified as target.
So if you specify scanme.nmap.org as a target, the host header will be set
with that name.
The only case that I can see where the hostname argument could be useful is
for hostnames that don't resolve.
So I'm not sure if we should add that argument or not?
Please have a look at (and test, if possible) the current http-auth to see
whether it suits your needs.

Cheers,
Patrik

Hi Patrik,

I must have missed the changes you made, next time I will search in the 
mailling list.

In regards to the hostname argument, the http library already solves this
by checking the name specified as target.

I don't quite remember why it was added in the http-vuln-cve3192.nse but since 
the library already handles it for us, it can be removed.

I tested the script and it worked just fine =P

Regards,
Duarte Silva

Attachment: smime.p7s
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]