Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Patch for http-fingerprints and http-auth
From: Duarte Silva <duarte.silva () serializing me>
Date: Mon, 19 Dec 2011 10:50:12 +0000

On Monday 19 December 2011 11:33:18 Patrik Karlsson wrote:
Hi Patrik,

I must have missed the changes you made, next time I will search in the
mailling list.

In regards to the hostname argument, the http library already solves
this by checking the name specified as target.

I don't quite remember why it was added in the http-vuln-cve3192.nse but
since
the library already handles it for us, it can be removed.

I tested the script and it worked just fine =P

Regards,
Duarte Silva

Hi Duarte,

Unfortunately I reverted my version as it was incorrectly accessing the raw
http authentication headers instead of the parsed ones, so the changes are
lost. The problem is that the script currently fails to parse some
authentication headers due a bug in the http library. I will work on fixing
that instead and bringing our changes to the path and cache back in.
Anyway, thank's a lot for testing!

//Patrik

Hi,

no problem, I have read David's email, and updated the svn. When you fix it I 
will do some more testing.

Regards,
Duarte Silva

Attachment: smime.p7s
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]