Re: [NSE] Script for HTML generator meta tag

[Brendan Coles <bcoles () gmail com>]

Matching meta generator tags is great. Writing a reliable regex for it
sucks.

Here's a few observations from the wild:

An apostrophe (') is sometimes used instead of a quote (")

Some developers use lots of whitespace

The name and content parameters often appear in the reverse order (ie,
content then name)


I've had a lot of success matching meta generator tags using the (somewhat
messy) regex used in WhatWeb:

/<meta[^>^=]+content[\s]*=[\s]*["|']?([^"^'^>]+)["|']?[^>^=]+name[\s]*=[\s]*["|']?generator["|']?/i

/<meta[^>^=]+name[\s]*=[\s]*["|']?generator["|']?[^>^=]+content[\s]*=[\s]*["|']?([^"^'^>]+)["|']?/i

I've attached a list of example meta generators used by many web
applications (taken from WhatWeb plugins) which may be of some use.


On Thu, Jan 12, 2012 at 4:46 AM, Michael Kohl <citizen428 () gmail com> wrote:

> On Wed, Jan 11, 2012 at 2:01 AM, Patrick Donnelly <batrick () batbytes com>
> wrote:
> > can simply be
> >
> >  return response.body:match(pattern)
>
> Done, thanks!
>
> Remember how yesterday I said that the CMS usually behave well and
> insert meta tags properly? Well, today I found this gem:
>
> '<meta name=Generator content="Microsoft Word 11">'
>
> Updated my script to also find this and added the respective site to
> my testfile. New version is here:
>
> https://raw.github.com/citizen428/pentesting/master/nmap/nse/generator.nse
>
> Thanks everyone for the feedback so far,
> Michael
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/



-- 
Brendan Coles
http://itsecuritysolutions.org/

Attachment: meta-generator-tags.txt
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/