mailing list archives
Re: http-changelog.nse script and GSoC participation.
From: Yashin Mehaboobe <yashinm92 () gmail com>
Date: Wed, 31 Jul 2013 00:51:59 +0530
It can be done by passing a script argument named resource.
nmap --script http-staticfile.nse --script-args resource=/CHANGELOG.txt HOST
And alright, I'll work on integrating it with the http-enum database.
On Fri, Jul 26, 2013 at 3:47 PM, David Fifield <david () bamsoftware com>wrote:
On Sat, Jun 15, 2013 at 09:12:02PM +0530, Yashin Mehaboobe wrote:
I've made the changes you suggested i.e allow any file to be
Right now the script takes a resource argument which will point out the
file which is to be hashed. A file containing the hashes for comparison
will be kept in the nselib/data folder. Code is here:
https://gist.github.com/Sp3ctr3/5786362 . The database file is available
I'm a bit confused by the database format at
https://gist.github.com/Sp3ctr3/5788511. The entries don't seem to have
the name of the file that should be hashed to get them. How does the
http-staticfile script at https://gist.github.com/Sp3ctr3/5786362 know
what files to request?
Anyway, I think this approach of a new database and new script is not
the best one. I would rather see the http-enum database augmented with a
new md5 match type. There's really no reason to have separate scripts
that differ only in how they match fingerprints.
- Yashin Mehaboobe
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/