Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Patch for http-fingerprints and http-auth
From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 19 Dec 2011 11:33:18 +0100

Hi Patrik,

I must have missed the changes you made, next time I will search in the
mailling list.

In regards to the hostname argument, the http library already solves this
by checking the name specified as target.

I don't quite remember why it was added in the http-vuln-cve3192.nse but
the library already handles it for us, it can be removed.

I tested the script and it worked just fine =P

Duarte Silva

Hi Duarte,

Unfortunately I reverted my version as it was incorrectly accessing the raw
http authentication headers instead of the parsed ones, so the changes are
lost. The problem is that the script currently fails to parse some
authentication headers due a bug in the http library. I will work on fixing
that instead and bringing our changes to the path and cache back in.
Anyway, thank's a lot for testing!

Patrik Karlsson
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]