mailing list archives
Re: SSTP information script
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 15 Jan 2014 09:50:10 -0600
On 01/14/2014 06:09 PM, Niklaus Schiess wrote:
this is a slightly modified version of a script i submitted a while ago.
It checks if the Secure Socket Tunneling Protocol
(http://msdn.microsoft.com/en-us/library/cc247338.aspx) is supported for
a given host. Further information as well as SSTP enabled testing hosts
are included in the script description.
Let me know if there are any issues with the script.
Thanks for resubmitting this. Sorry your previous submission fell
through the cracks! When we spoke about this script over IRC, we
discussed switching to using the http.generic_request function instead
of lower-level socket functions. Did you try that? Was there a reason
why you didn't choose that method?
A couple other things that might need cleanup:
1. The portrule is probably too specific at this point. Assuming that
you want to check for this on every HTTPS service regardless of port,
you probably want something like:
portrule = function(host, port)
return shortport.http(host, port) and shortport.ssl(host, port)
This may be a common enough problem that we should have a special
shortport.https function, but I'm not sure.
2. For output keys, we prefer lowercase identifiers (e.g. output.status
instead of output.STATUS)
3. We already have a script that grabs the HTTP Date header, and service
version detection (-sV) will use the Server header if available. The
output of this script could be simply a string, "SSTP is supported." Is
there any other useful information in the response to an SSTP probe that
is different from what is available in the HTTP probe?
Looking forward to integrating this script.
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/