Nmap Development mailing list archives
Re: http-vhosts.nse ready for beta
From: David Fifield <david () bamsoftware com>
Date: Mon, 29 Nov 2010 12:04:37 -0800
On Tue, Nov 16, 2010 at 05:17:05PM -0800, Carlos Pantelides wrote:
Hi: Following the advice of Martin about portrule and the hints from Patrick about unpwdb, I have done very drastic adjustments that include unpwdb.lua too. I know that it is not a precise indicator, but 235 lines down to 138 obtaining the same results, seems ok. I would greatly appreciate any feedback.
Thank you for working on this script. Let me apologize if I was unclear before. You've made the script and patch more complicated, but I prefer that you make it simpler. Even if some of the features are useful and interesting, I'm not convinced that they are worth extra complexity. What I'd like to do is commit a very simple version of the script, and then add features as they are shown to be useful.

To be specific, these are the changes I want you to make.

1. Embed the list of hostnames inside the script as a big array. Remove hostnames.lst and the hostnamesdb script argument. So far this is the only script that needs them; if other scripts need them in the future we can break them out into a data file. I don't want any changes to unpwdb.lua. (I'm not saying your changes to unpwdb.lua are a bad idea, just that I don't want them as a side effect of including this script.)

2. Change the portrule to be

        portrule = shortport.http

   Remove the http-vhosts.service argument. Again, I'm not saying that's a bad idea, just that I'm not convinced it's useful and I would prefer to handle it separately from the core of the script. After all, if it's good for this script we may want it for all the http scripts.

3. Don't modify host.targetname. When I comment that out and just use the Host header as you have already implemented, it works fine.

        targetname = makeTargetName(name , domain)
        response = response .. string.format("http-vhosts: %s(%s)://%s(%s)%s %s: ",
            port.service, port.number, host.targetname, host.ip, resource, targetname)
        http_response = http.head(host, port, resource, {header={Host=targetname}})

        631/tcp open ipp syn-ack
        | http-vhosts:
        | http-vhosts: ipp(631)://localhost(127.0.0.1)/ www.localhost: 200
        |_http-vhosts: ipp(631)://localhost(127.0.0.1)/ www2.localhost: 200

4. Change the name of the http-vhosts.resource script argument to http-vhosts.path.
David Fifield
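
The four requested changes, combined into one short NSE script. This is an example added to this archive page, not code from the thread and not the http-vhosts.nse that was later committed. The contents of HOSTNAMES are constructed samples, make_target_name is a hypothetical stand-in for the makeTargetName helper quoted above, and the script uses the current NSE library style (local require, stdnse.get_script_args).

```lua
-- Added illustration; not the project's http-vhosts.nse.
local http = require "http"
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Sends a HEAD request for each candidate virtual host name and reports the
HTTP status code returned for it.
]]
author = "example"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"discovery"}

-- Change 2: the stock HTTP portrule, no http-vhosts.service argument.
portrule = shortport.http

-- Change 1: the name list is embedded in the script instead of hostnames.lst.
-- Constructed sample entries; the real list is not shown on this page.
local HOSTNAMES = {"www", "www2", "mail", "dev"}

-- Hypothetical helper: joins a prefix and the scanned name.
-- Assumption: with no target name (scan by IP) the bare prefix is sent.
local function make_target_name(name, domain)
  if domain and domain ~= "" then
    return name .. "." .. domain
  end
  return name
end

action = function(host, port)
  -- Change 4: the argument is named http-vhosts.path.
  local path = stdnse.get_script_args("http-vhosts.path") or "/"
  local results = {}
  for _, name in ipairs(HOSTNAMES) do
    -- Change 3: host.targetname is only read; the candidate name travels
    -- in the Host header of the request.
    local vhost = make_target_name(name, host.targetname)
    local response = http.head(host, port, path, {header = {Host = vhost}})
    local status = response and response.status or "no response"
    results[#results + 1] = string.format("%s: %s", vhost, status)
  end
  return stdnse.format_output(true, results)
end
```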