Nmap Development mailing list archives
Re: [NSE] http-cakephp-version: False Positive
From: Paulino Calderon <paulino () calderonpale com>
Date: Sun, 29 May 2011 12:28:58 -0700
On 05/29/2011 07:33 AM, Tom Sellers wrote:
Paulino,It looks like there is a logic bug in http-cakephp-version that resultsin 'http-cakephp-version: Version of codebase: 1.3.x' being returned for any query against a HTTP port where the response is not 200. File notfound, response 404, and Unauthorized, response 401, are two examples of this.This can be reproduced using the following command line: sudo nmap -sSCV -p80 --script=http-cakephp-version.nse www.google.com 80/tcp open http Google httpd 2.0 (GFE) |_http-cakephp-version: Version of codebase: 1.3.x The problem appears to be in lines 62 and 63 where it reports 1.3.x for any Non-200 response. 58 -- Is /js/vendors.php there? 59 response = http.get(host, port, VENDORS_QUERY) 60 if response.body and response.status == 200 then 61 installation_version = {"1.1.x","1.2.x"} 62 elseif response.status ~= 200 then ****** 63 installation_version = {"1.3.x"} ****** 66 end I would recommend adjusting the logic to include some form of positive check for the presence of CakePHP and removing the default 1.3.x version stamp for non-200 HTTP responses. Thanks much, Tom _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Thanks for the bug report! I've fixed this in r23440. Cheers. -- Paulino Calderón Pale Web: http://calderonpale.com Twitter: @paulinocaIderon _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] http-cakephp-version: False Positive Tom Sellers (May 29)
- Re: [NSE] http-cakephp-version: False Positive Paulino Calderon (May 29)