Nmap Development mailing list archives
Re: http-changelog.nse script and GSoC participation.
From: David Fifield <david () bamsoftware com>
Date: Fri, 26 Jul 2013 03:17:36 -0700
On Sat, Jun 15, 2013 at 09:12:02PM +0530, Yashin Mehaboobe wrote:
I've made the changes you suggested i.e allow any file to be fingerprinted. Right now the script takes a resource argument which will point out the file which is to be hashed. A file containing the hashes for comparison will be kept in the nselib/data folder. Code is here: https://gist.github.com/Sp3ctr3/5786362 . The database file is available here: https://gist.github.com/Sp3ctr3/5788511
I'm a bit confused by the database format at https://gist.github.com/Sp3ctr3/5788511. The entries don't seem to have the name of the file that should be hashed to get them. How does the http-staticfile script at https://gist.github.com/Sp3ctr3/5786362 know what files to request? Anyway, I think this approach of a new database and new script is not the best one. I would rather see the http-enum database augmented with a new md5 match type. There's really no reason to have separate scripts that differ only in how they match fingerprints. David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: http-changelog.nse script and GSoC participation. David Fifield (Jul 26)
- Re: http-changelog.nse script and GSoC participation. Yashin Mehaboobe (Jul 30)