Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] http-devframework.nse
From: George Chatzisofroniou <sophron () latthi com>
Date: Thu, 5 Sep 2013 22:37:06 +0300

On Tue, Aug 27, 2013 at 11:34:11AM +0300, George Chatzisofroniou wrote:
On Mon, Aug 26, 2013 at 08:48:36PM +0000, nnposter () users sourceforge net wrote:
Out of curiosity, why do you use response.rawheader so broadly, instead
of leveraging the parsing that already took place when the response
object was composed? 

While the normalization is useful for the reasons you mentioned, I was thinking
that being case sensitive may be important while fingerprinting. For example,
'CAKEPHP' value might be the lead to recognise a different CakePHP's version
than 'CakePHP'. Does this make sense?

Eventually, i followed your advice and used the already-done parsing. I guess
anyone can still use the rawheader to determine the framework's version.

I commited the script along with its fingerprints file as revision 32210.

-- 
George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault