diff --git a/http-git.nse b/http-git.nse index a9e5181..25afced 100644 --- a/http-git.nse +++ b/http-git.nse @@ -68,9 +68,6 @@ function action(host, port) -- We could try for /.git/, but we will not get a 200 if directory -- listings are disallowed. if http.get(host, port, root .. ".git/HEAD").status == STATUS_OK then - if repos_found > 0 then - out:insert("") - end repos_found = repos_found + 1 local replies = {} -- This function returns true if we got a 200 OK when @@ -115,10 +112,12 @@ function action(host, port) -- Tell the user that we found a repository, and indicate if -- we didn't find all the files we were looking for. local location = host.ip .. ":" .. port.number .. root .. ".git/" + out[location] = {} + setmetatable(out[location], { __index = table }) if count.ok == count.tried then - out:insert("Git repository found at " .. location) + out[location]:insert("Git repository found at " .. location) else -- if we didn't find all the files we were hoping to, we might not actually have a repo - out:insert("Potential Git repository found at " .. location .. " (found " .. + out[location]:insert("Potential Git repository found at " .. location .. " (found " .. tostring(count.ok + 1) .. " of " .. tostring(count.tried + 1) .. " expected files)") -- we already got /.git/HEAD, so add one to 'found' and 'expected' end @@ -150,7 +149,7 @@ function action(host, port) end -- If we matched anything, finish the line up if found_anything then buf = buf .. " (case-insensitive match)" - out:insert(strbuf.dump(buf)) + out[location]["Interesting files"] = strbuf.dump(buf) end end end @@ -164,11 +163,9 @@ function action(host, port) local s = no_newline or short if #original_string > #s then -- If we cut off something, we want to put an ellipsis on the end - s = description .. ": " .. s .. "..." - else - s = description .. ": " .. s + s = s .. "..." end - out:insert(s) + out[location][description] = s end -- Get the first line and trim to 60 characters, if we got a COMMIT_EDITMESSAGE @@ -206,13 +203,14 @@ function action(host, port) ["heroku.com"] = "App might be deployed to http://.herokuapp.com", } for _, url in ipairs(remotes) do - out:insert("Remote: " .. url) + out[location]["Remote"] = url local domain, reponame = string.match(url, "[@/]([%w._-]+)[:/]([%w._-]+/?[%w._-]+)") local extrainfo = popular_remotes[domain] -- Try and cut off the '.git' extension reponame = string.match(reponame, "(.+)%.git") or reponame if extrainfo then - out:insert(" -> " .. string.gsub(extrainfo, "", reponame)) + local replaced = string.gsub(extrainfo, "", reponame) + out[location]:insert(replaced) end end end @@ -249,7 +247,7 @@ function action(host, port) if ok(file) then -- we only test all fingerprints if we got the file for i, fingerprint in ipairs(fingerprints) do if string.match(replies[file].body, fingerprint[1]) then - out:insert("Based on the file '" .. file .. "', this is a " .. fingerprint[2]) + out[location]["Project type"] = fingerprint[2] .. " (guessed from " .. file .. ")" -- Based on the file '.gitignore', this is a Ruby on Rails application" break -- we only want to print our first guess (the most specific one that matched) end @@ -260,6 +258,5 @@ function action(host, port) end -- Replace non-printing characters with asterisks - if #out > 0 then return string.gsub(stdnse.format_output(true, out), "[^%w%p%s]", "*") - else return nil end + return out end