Nmap Development mailing list archives
Re: [NSE] new script - http-exif-spider
From: Patrik Karlsson <patrik () cqure net>
Date: Thu, 26 Jul 2012 15:39:26 +0200
On Thu, Jul 26, 2012 at 3:27 PM, Ron <ron () skullsecurity net> wrote:
On Thu, 26 Jul 2012 15:29:00 +0200 Patrik Karlsson <patrik () cqure net> wrote:Cool script! Some comments after a very quick look: There's some trailing byte \xB4 after the model, should it be there?That's there in the file.. I don't know why, but I figured I'd just leave it.Would it make sense to remove the constants that are not being used?I personally like it, it makes it easier to expand later and makes it easier for people who need the list for whatever reason, but it doesn't matter too much to me.Perhaps the script would benefit from a less restrictive blacklist, permitting images, but blocking archives and other cruft? The blacklist suggestion illustrates a shortcoming in the library itself, as there is no easy way of removing an extension category or extension from the default blacklist. So a custom blacklist would have to be loaded using the addBlacklist method in the options class.How hard would it be to add a whitelist feature that can override the blacklist?
There's already a whitelist feature in there, that runs after the blacklist. So if the blacklist is empty, the whitelist should still run. When looking into this, I think I noticed a bug, that I just fixed in r29372. You can add a whitelist using the addWhitelist method on the options class. Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] new script - http-exif-spider Ron (Jul 26)
- Re: [NSE] new script - http-exif-spider Patrik Karlsson (Jul 26)
- Re: [NSE] new script - http-exif-spider Ron (Jul 26)
- Re: [NSE] new script - http-exif-spider Patrik Karlsson (Jul 26)
- Re: [UPDATE] new script - http-exif-spider Ron (Jul 26)
- Re: [UPDATE] new script - http-exif-spider Patrik Karlsson (Jul 26)
- Re: [NSE] new script - http-exif-spider Ron (Jul 26)
- Re: [NSE] new script - http-exif-spider Patrik Karlsson (Jul 26)
- Re: [NSE] new script - http-exif-spider Ron (Jul 26)