Nmap Development mailing list archives
Re: http-methods & http-trace NSE Script Enhancement Ideas
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 25 May 2012 18:27:00 +0200
On Fri, May 25, 2012 at 3:29 PM, King Thorin <kingthorin () hotmail com> wrote:
Date: Thu, 24 May 2012 13:45:30 -0700 From: david () bamsoftware com To: kingthorin () hotmail com CC: nmap-dev () insecure org Subject: Re: http-methods & http-trace NSE Script Enhancement Ideas On Wed, May 23, 2012 at 08:17:03AM -0400, King Thorin wrote:I was just looking through some online docs and some nmap results. I've never seen a server that includes public or allow header(s) on a redirect response [maybe my experience is limited?]. It seems to methat the http-methods NSE should followredirects (HTTP 301, 302, 303) in order to perform the necessaryOPTIONSrequest on a page/resource that's providing a HTTP 200.Ideally the redirect handling would work the same as the built-in handling of the http.get and http.head methods. See this earlier discussion: http://seclists.org/nmap-dev/2012/q1/338 David FifieldHi David, I definitely agree with this idea. Someone else mentioned it yesterday. Unfortunately: 1) I'm not a developer. Though I understand code at a beginner or "maybe" intermediate level and can write some kludgey bits I don't write code on a daily basis. Looking at http://nmap.org/nsedoc/lib/http.html yesterday did not clarify redirect_ok or MAX_REDIRECT_COUNT for me at all. 2) The existing redirect functionality (based on the thread you linked) only seems to cover get and head not http.generic_request. 3) I've done some intext and site:nmap.org googling looking for existing NSEs that leverage the existing functionality but they seem pretty rare and are only get/head based. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
I see two options; 1. The script is adapted not to use the generic_request method anymore but rather use the method specific function such as get, put, head that already have redirect support. A mapping would have to be made in the script to know what function to use for what method and the missing method specific functions would need to be created (more or less copied from existing ones, eventually leaving out cache support). 2. The script continues to use generic_request and implements the redirect function either locally or by removing the local keyword infront of those functions in the http library so that their visible to the script. Personally, I think I would go with alternative 1. //Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 23)
- Re: http-methods & http-trace NSE Script Enhancement Ideas Paulino Calderon (May 23)
- Re: http-methods & http-trace NSE Script Enhancement Ideas Toni Ruottu (May 23)
- RE: http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 23)
- Re: http-methods & http-trace NSE Script Enhancement Ideas Patrik Karlsson (May 23)
- RE: http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 23)
- Re: http-methods & http-trace NSE Script Enhancement Ideas Toni Ruottu (May 23)
- Re: http-methods & http-trace NSE Script Enhancement Ideas Paulino Calderon (May 23)
- RE: http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 25)
- Re: http-methods & http-trace NSE Script Enhancement Ideas Patrik Karlsson (May 25)
- RE: http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 25)
- Re: http-methods & http-trace NSE Script Enhancement Ideas Patrik Karlsson (May 25)
- RE: http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 27)
- RE: http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 30)
- Re: http-methods & http-trace NSE Script Enhancement Ideas David Fifield (May 30)
- RE: http-methods & http-trace NSE Script Enhancement Ideas King Thorin (May 31)
- RE: NSE: http-phpself-xss - Finds PHP files with reflected cross site scripting vulns due to unsafe use of the variable $_SERVER[PHP_SELF] King Thorin (Jun 01)
- RE: NSE: http-phpself-xss - Finds PHP files with reflected cross site scripting vulns due to unsafe use of the variable $_SERVER[PHP_SELF] King Thorin (Jun 01)
- Re: NSE: http-phpself-xss - Finds PHP files with reflected cross site scripting vulns due to unsafe use of the variable $_SERVER[PHP_SELF] Paulino Calderon (Jun 05)
- Re: NSE: http-phpself-xss - Finds PHP files with reflected cross site scripting vulns due to unsafe use of the variable $_SERVER[PHP_SELF] Martin Holst Swende (Jun 01)