Nmap Development mailing list archives

Re: New matchline for Perl Dancer (lightweight web framework's development HTTP server)
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 26 Nov 2013 14:49:34 -0600

On 10/10/2013 04:01 PM, Daniel Miller wrote:

An Nmap user on IRC was asking about a failed version detection, and we came up with this match line for Perl Dancer (http://perldancer.org/), or rather the development HTTP server that it contains for non-deployment use. I'm posting it as a patch, because I'm not sure of the placement in the nmap-service-probes file (please comment!):

diff --git a/nmap-service-probes b/nmap-service-probes
index 0a1bd88..41ea6d0 100644
--- a/nmap-service-probes
+++ b/nmap-service-probes
@@ -8291,6 +8291,7 @@ match http m|^HTTP/1\.1 200 Document follows\r\nServer: Micro-Web\r\n| p/Micro-W match http m|^HTTP/1\.1 200 OK\r\n.*Server: Indy/([\w._-]+)\r\n|s p/Indy/ v/$1/ match http m|^HTTP/1\.1 404 File not found\r\n.*Server: Indy/([\w._-]+)\r\n|s p/Indy/ v/$1/ match http m|^HTTP/1\.1 200 OK\r\nServer: WindWeb/([\w._-]+)\r\n| p/WindWeb/ v/$1/ cpe:/a:windriver:windweb:$1/ +match http m|^HTTP/1\.0 200 OK\r\nServer: Perl Dancer ([\w._-]+)\r\n| p/Perl Dancer/ v/$1/

 # No more HTTP softmatch because many services that I don't think are
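
Review bot: The added match line anchors on the exact status line `HTTP/1\.0 200 OK\r\n` with `Server: Perl Dancer` as the very next header, so the service is only identified when the probe receives a 200 response; a 404 or redirect from the same server would fall through unmatched. The Indy entries earlier in this hunk cover a 404 response and use `.*Server:` with the `s` flag to tolerate headers before `Server:`. Consider loosening the status portion here, for example `^HTTP/1\.0 \d\d\d [^\r\n]*\r\nServer: Perl Dancer ([\w._-]+)\r\n`, after checking against real non-200 responses that the header appears in the same position. The line also has no `cpe:` field, unlike the WindWeb line directly above it, and no `i/.../` info field noting that this is the development server the message describes.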

The user was surprised that there's no general HTTP server match for servers that have a Server: header. Is this a different issue than the softmatch problem, or is it a matter of HTTP header order, or something else?



I committed this change in r32529. The question of generically matching HTTP Server: headers is handled by the new http-server-header NSE script (http://nmap.org/nsedoc/scripts/http-server-header.html).

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
