Nmap Development mailing list archives

Re: [NSE] http-useragent-tester.nse

From: George Chatzisofroniou <sophron () latthi com>
Date: Sat, 27 Jul 2013 21:35:18 +0300

Hi Paulino,

On Fri, Jul 26, 2013 at 12:26:07PM -0500, Paulino Calderon wrote:

Have you considered including the capability of discovering new
hosts with this script?


That's a good addition. The script now checks if the returned location 
lies outside the target host. If it is, the target library adds the new
discovered target to Nmap scan queue.

I've encountered web servers that redirect
you to different hosts depending on the UserAgent.


I was thinking about cases in which this could happen. I came up with two:

- Hosts that detect headers from crawling libraries/ultities and ban
  these clients. That's what the current script is checking.

- Hosts that hold a mobile version of the site and redirect the clients
  to this version. I'll post a script that checks this soon.

If anyone knows more cases, please let me know. Maybe we will come up with new
script ideas.

-- 
George Chatzisofroniou
sophron.latthi.com
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] http-useragent-tester.nse George Chatzisofroniou (Jul 25)
- Re: [NSE] http-useragent-tester.nse Paulino Calderon (Jul 26)
  - Re: [NSE] http-useragent-tester.nse George Chatzisofroniou (Jul 27)
    - Re: [NSE] http-useragent-tester.nse Daniel Miller (Jul 27)
    - Re: [NSE] http-useragent-tester.nse George Chatzisofroniou (Jul 30)
    - Re: [NSE] http-useragent-tester.nse Robin Wood (Jul 30)
    - Re: [NSE] http-useragent-tester.nse George Chatzisofroniou (Jul 30)
    - Re: [NSE] http-useragent-tester.nse George Chatzisofroniou (Jul 30)
- Re: [NSE] http-useragent-tester.nse George Chatzisofroniou (Aug 10)