Nmap Development mailing list archives
[NSE] http Library Enhancements/Strategy
From: Marc Ruef <marc.ruef () computec ch>
Date: Mon, 03 May 2010 14:04:37 +0200
Hello,

I am currently developing an nmap nse port of my httprecon project (requested in [1], first announced at [2], actual screenshot at [3]). I will publish an article series about nse hacking at [4]. After finishing the series I will release httprecon-nse. Feature requests and feedback are always welcome!
During the development I did rely on the http library very heavily. It was a surprise to see that the whole 3xx redirects are not handled within the library. All the http scripts need to implement the feature themselves:
* At the moment html-title.nse is providing a neat implementation. Re-directs to other hosts/ports are detected properly (which is a requirement in professional testing due to limitation of confirmed targets).
* On the other hand http-malware-host.nse uses a quick hack which may lead to false-positives: Only the status code is compared. Because no further requests are initiated, this is no "danger" for the target site.
Wouldn't it make sense to provide a redirect identification within the http library? I would prefer a function that returns the new url as string. Additional optional arguments could prevent access outside the target host/port.
Furthermore, I would appreciate a generic function for generating and sending http requests. The definition of the target host, target port, method, resource, protocol and additional headers would be great.
Regards,
Marc

[1] http://seclists.org/nmap-dev/2009/q3/673
[2] http://www.computec.ch/projekte/httprecon/?s=news
[3] http://www.computec.ch/projekte/httprecon/news/nmap_nse_httprecon_alpha3.png
[4] http://www.scip.ch/?labs

--
Marc Ruef | marc.ruef () computec ch | http://www.computec.ch/mruef/
_________________________________________________________________
My latest publication: "Industrialisierung des Auditing-Bereichs"
http://www.computec.ch/news.php?item.327
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
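A sketch of the redirect helper requested in the message above, as an added example that is not part of the original post and not a function of Nmap's http library. The names `split_url` and `redirect_url`, the `target` and `opts` tables, and the response shape (`status` plus a `header` table with lower-case keys) are assumptions made for illustration; hosts are compared by name only.

```lua
-- Added example: hypothetical helper, not a function of Nmap's http library.
local REDIRECT = { [301] = true, [302] = true, [303] = true, [307] = true }
local DEFAULT_PORT = { http = 80, https = 443 }

-- Split an absolute URL into scheme, host, port and path; nil if it is not absolute.
local function split_url(url)
  local scheme, authority, path = url:match("^(%a[%w+.-]*)://([^/?#]*)(.*)$")
  if not scheme then return nil end
  scheme = scheme:lower()
  authority = authority:gsub("^.*@", "")            -- drop any userinfo
  local host, port = authority:match("^(.-):(%d+)$")
  if path:sub(1, 1) ~= "/" then path = "/" .. path end
  port = port and tonumber(port) or DEFAULT_PORT[scheme]
  return scheme, (host or authority):lower(), port, path
end

-- target: { scheme, host, port, path } of the request that produced `response`.
-- opts.same_host / opts.same_port: refuse redirects that leave the confirmed target.
-- Returns the new URL as a string, or nil plus a reason.
local function redirect_url(response, target, opts)
  opts = opts or {}
  local location = response.header and response.header["location"]
  -- A 3xx status alone is not enough: without Location there is nothing to follow.
  if not REDIRECT[response.status] or not location then return nil, "not a redirect" end
  -- "//host/path" names another host even though it starts with a slash.
  if location:sub(1, 2) == "//" then location = target.scheme .. ":" .. location end
  local scheme, host, port, path = split_url(location)
  if not scheme then
    if location:match("^%a[%w+.-]*:") then return nil, "unsupported scheme" end
    -- Relative reference: same scheme, host and port as the request.
    scheme, host, port = target.scheme, target.host:lower(), target.port
    local base = target.path:match("^(.*/)") or "/"
    path = location:sub(1, 1) == "/" and location or base .. location
  end
  if not DEFAULT_PORT[scheme] then return nil, "unsupported scheme" end
  if opts.same_host and host ~= target.host:lower() then return nil, "leaves target host" end
  if opts.same_port and port ~= target.port then return nil, "leaves target port" end
  return ("%s://%s:%d%s"):format(scheme, host, port, path)
end

-- Constructed sample responses for a scan of http://www.example.test:80/app/index.html
local target = { scheme = "http", host = "www.example.test", port = 80, path = "/app/index.html" }
local strict = { same_host = true, same_port = true }
for _, loc in ipairs({ "login.html", "//cdn.example.net/x", "https://www.example.test/", "/new" }) do
  print(loc, redirect_url({ status = 302, header = { location = loc } }, target, strict))
end
print("(no Location)", redirect_url({ status = 302, header = {} }, target, strict))
```

With both options set, the protocol-relative and https targets are rejected with a reason instead of being returned, and a 302 without a Location header is not reported as a redirect.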