Nmap Development mailing list archives
Re: [NSE Script] HTTP probe for /etc/passwd
From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Sat, 21 Jul 2007 23:15:35 -0500
On 7/21/07, Brandon Enright <bmenrigh () ucsd edu> wrote:
> On Sat, 21 Jul 2007 19:05:29 -0500 plus or minus some time
> Kris Katterjohn <katterjohn () gmail com> wrote:
>
> > Okay, I made a couple more changes:
> >
> > 1) Use //etc/passwd instead of /etc/passwd
>
> On the webserver I have access to that was actually returning /etc/passwd
> when requested, adding the extra '/' makes it not work. Go figure. I'm
> not sure which is better and both might be a few too many probes.

Well, crap! :) Yeah, both would be too many I think. I guess we'll just see how things turn up.

> > 2) Added the one that uses \/
>
> This should work for poorly designed webservers that check against a
> blacklist like '../' before going through an 'unescape' function. I'll
> run a scan later today to see if I can get anything to turn up with this.
>
> > 3) Made httpget() to avoid repeating "GET" and "HTTP/1.0\r\n\r\n"
>
> Looks good.
>
> > That makes five tests. If people like it, I'll add it to SVN. Unless
> > you have some more good ideas for me before I do :)
>
> If we're taking a vote, count mine early and often :-p
Thanks,
Kris Katterjohn
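The server-side ordering flaw the quoted reply describes (a '../' blacklist applied before the 'unescape' step), shown beside a decode-then-canonicalize check, as an added example that is not part of the original message or of the NSE script under discussion. It assumes that "unescape" means percent-decoding and that the document root is /var/www/html; the function names and sample paths are constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

DOCROOT = "/var/www/html"  # assumed document root (not from the thread)


def naive_resolve(raw_path):
    """Flawed order: blacklist check on the raw path, unescape afterwards."""
    if "../" in raw_path:
        return None                       # rejected by the blacklist
    decoded = unquote(raw_path)           # escapes are decoded only after the check
    return posixpath.normpath(DOCROOT + "/" + decoded)


def safe_resolve(raw_path):
    """Decode first, canonicalize, then require the result to stay in DOCROOT."""
    decoded = unquote(raw_path)
    if "\x00" in decoded:
        return None
    # Strip leading slashes: posixpath.join() discards DOCROOT entirely when
    # the second argument is absolute (the //etc/passwd style of request).
    candidate = posixpath.normpath(posixpath.join(DOCROOT, decoded.lstrip("/")))
    if posixpath.commonpath([DOCROOT, candidate]) != DOCROOT:
        return None                       # canonical path left the document root
    return candidate


def escapes_docroot(path):
    """True when a resolved path lies outside DOCROOT."""
    return path is not None and posixpath.commonpath([DOCROOT, path]) != DOCROOT


# Constructed request paths for the comparison below.
SAMPLES = [
    "/index.html",
    "/a/../index.html",
    "//etc/passwd",
    "/%2e%2e/%2e%2e/%2e%2e/etc/passwd",
]

if __name__ == "__main__":
    for path in SAMPLES:
        naive, safe = naive_resolve(path), safe_resolve(path)
        print(f"{path!r}: naive={naive!r} escapes={escapes_docroot(naive)} safe={safe!r}")
```

The blacklist version both rejects a harmless path and lets the encoded one through; the containment check on the canonical path handles both without a pattern list. Double-encoded input is outside what this block covers.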