I fixed up the code quite a bit and submitted it on irc, it cleanly
detects vulnerable and patched hosts now.
On 19 Dec 2013 10:34, George Chatzisofroniou <sophron () latthi com> wrote:
On Wed, Dec 18, 2013 at 06:18:57PM -0600, Ron wrote:
The issue with the script as-is is, once the vuln is patched, it'll
reporting it's vulnerable, I think, unless they just delete the file.
you try to grab a "bad" file (like /etc/shadow), everything seem to
There are some fixes around already. By fixing the LFI, the HTTP
won't be 200, so the script will not return a false positive.
It works if I switch out the string.match() with "==".
I don't know why, though!
That's because Lua string.match() method expects a pattern as a second
(not a raw string) and the special "-" character is interpreted as the
modifier for repetitions. Thanks for cathing this.
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/