Nmap Development mailing list archives
Re: Fix for HTTP_open_proxy.nse
From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 02 Oct 2008 14:30:10 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Fifield wrote:
$ nc www.google.com 80 HEAD / HTTP/1.0 HTTP/1.0 302 Found Location: http://www.google.hr/ Cache-Control: private Content-Type: text/html; charset=UTF-8 Set-Cookie: PREF=ID=e468038a5d1ffd95:TM=1222924066:LM=1222924066:S=OBsAwWeukoQJmdBa; expires=Sat, 02-Oct-2010 05:07:46 GMT; path=/; domain=.google.com Date: Thu, 02 Oct 2008 05:07:46 GMT Server: gws Content-Length: 218 Connection: CloseIs there any reason we can't use HEAD instead of GET in HTTP_open_proxy.nse?
I've never run scans specifically for this, but I have noticed that there are quite a few servers around configured to (I assume it's a configuration..) give Method Not Implemented (I think it's 501) for HEAD, but work just fine with GET. While HEAD would be better bandwidth-wise, I'm in favor of using GET since it seems to be much more available.
David Fifield
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSOUhQP9K37xXYl36AQIgfhAAixFgrvdgFEKrVKupnVrAwKPNWYsESCeW 3BsTS/2dXWqePC6l7j6VtI06XbmkHhx34uaAXGAxHTvtblRA9wqCo16Mi1NUmGQz 8PDpeUizY8shI0bSaiqka6PkTjkr/p7rQrGKty5lZLhP1T3SIYPywYYHOipbjOUA AiPohq7F51+cxIlYstYwTanZ20Ehh5eNproDpmTE0Syi8/cWHGfNFoxNujxQKlR0 DJgVTIC+Loux8kFbSnDxvo25pxpf/5eLjA/QKErtP1OW3AgmadzmU6tMWNKhws51 HefM6S+N6EchhqZA+Oh5owngy5NUhTDwjYYZMgAnocwAO2AZ2bJPWM1ZPTOBKOfu F1ywXNC5qO/BvrjzUOrHqObu5pwYcnrPNEsKG+HTmm9AzOS2P2lhP71wIkfN9tEq 6C/ltWuAKj/DMS7eUMjsSqNmIogk3O00wA/CwPr+CKEJoLxUjZMw4vRKWWMHk3ql 3IxaGqdIgFGEj6QefHQTOUeR2+SrWm6Dueif2DGW499UA3mkuY1EFOFp6vpuqfzY q2cThvFtXb/pY3QKvalArhioZ88TT7B1uC/5tdDJsUWbR+9AlLO48ns3DhvsQ7rY PUQO5K5ZuYXmwyYlm3VsckyM9ShaMqEt1j/F1cVAmdfMw4QlTLT6Doqb9hfhWPFr tSteuFBVjzE= =4pbn -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Fix for HTTP_open_proxy.nse Vlatko Kosturjak (Oct 01)
- Re: Fix for HTTP_open_proxy.nse Sven Klemm (Oct 02)
- Re: Fix for HTTP_open_proxy.nse Vlatko Kosturjak (Oct 03)
- Re: Fix for HTTP_open_proxy.nse Sven Klemm (Oct 03)
- Re: Fix for HTTP_open_proxy.nse Vlatko Kosturjak (Oct 03)
- Re: Fix for HTTP_open_proxy.nse Vlatko Kosturjak (Oct 03)
- Re: Fix for HTTP_open_proxy.nse Sven Klemm (Oct 02)
- Re: Fix for HTTP_open_proxy.nse David Fifield (Oct 02)
- Re: Fix for HTTP_open_proxy.nse Kris Katterjohn (Oct 02)