Nmap Development mailing list archives
Re: [NSE] http-git.nse - false positive
From: David Fifield <david () bamsoftware com>
Date: Tue, 5 Mar 2013 13:38:24 -0800
On Sat, Mar 02, 2013 at 09:46:03AM -0600, Tom Sellers wrote:
> http-git.nse will generate false positives against any HTTP service that
> returns status code 200 when '.git/HEAD' is requested. There are quite a
> few "broken" web services that will return 200 to any request. The logic
> around line 97 should probably be reworked to match valid content of the
> .git/HEAD file. All of the copies of this file that I could find seem to
> contain 'ref: refs/heads/master' but I don't know that this is
> representative of what the file could contain.

I was able to get contents of the file looking like any of these,
depending on what branch I have checked out:

    ref: refs/heads/master
    ref: refs/heads/tmp
    5b050a66d39b746a7ddcc0a2fb6272b99eb0018c

Here are some docs:
http://git-scm.com/book/ch9-3.html#The-HEAD
https://www.kernel.org/pub/software/scm/git/docs/git-symbolic-ref.html

How about checking that the first line begins with "ref: " or else is a
160-bit hex string? Can you do it?

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
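
The check proposed in the message above, written out in plain Lua as an added example (it is not code from this thread or from http-git.nse). The function name `classify_git_head` and the sample response bodies are constructed for illustration, and no NSE libraries are used.

```lua
-- Added example: validate that an HTTP 200 body for /.git/HEAD really looks
-- like a Git HEAD file before reporting a repository.
-- Rule from the message: the first line begins with "ref: " or else is a
-- 160-bit hex string (40 hex digits).

-- Returns "symbolic-ref", "detached", or nil when the body is not a HEAD file.
local function classify_git_head(body)
  if type(body) ~= "string" then return nil end
  -- Only the first line is inspected; stop at CR or LF so CRLF bodies work.
  local first = body:match("^([^\r\n]*)")
  if first:sub(1, 5) == "ref: " then
    return "symbolic-ref", first:sub(6)
  end
  -- Detached HEAD: exactly 40 hex digits and nothing else on the line.
  if #first == 40 and first:match("^%x+$") then
    return "detached", first
  end
  return nil
end

-- Constructed sample bodies: the three HEAD forms quoted in the message,
-- plus bodies of the kind a server answering 200 to everything might send.
local samples = {
  { "ref: refs/heads/master\n",                     "symbolic-ref" },
  { "ref: refs/heads/tmp\r\n",                      "symbolic-ref" },
  { "5b050a66d39b746a7ddcc0a2fb6272b99eb0018c\n",   "detached" },
  { "<html><body>Welcome</body></html>\n",          nil },
  { "",                                             nil },
  { "5b050a66d39b746a7ddcc0a2fb6272b99eb0018\n",    nil },  -- 39 digits
  { "5b050a66d39b746a7ddcc0a2fb6272b99eb0018c!\n",  nil },  -- trailing junk
}

for _, s in ipairs(samples) do
  local kind = classify_git_head(s[1])
  assert(kind == s[2], "unexpected result for: " .. s[1])
  print(tostring(kind), (s[1]:gsub("%s+$", "")))
end
```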