Nmap Development mailing list archives
Re: softmatch for http
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 08 Nov 2013 15:25:47 -0600
On 09/18/2013 02:07 AM, Till Maas wrote:
I hope that there is a solution to this. So besides maybe adding the softmatch to other protocols to allow other probes to be run, maybe it can be moved to the end somehow to still find the server to be http, when other probes did not match.
Till,I believe there is now a solution for this. NSE scripts work great for checks that depend on or supplement version scan info, and they run *after* the version scan has completed. I just checked in a script, http-server-header, that should be able to do the kind of detection you want. It won't run if -sV already detected some other service (like UPnP), but in other cases it sends the GetRequest probe and checks for 'HTTP/1.[01] \d\d\d', setting the service to "http" and extracting the Server: header.
Dan _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: softmatch for http Daniel Miller (Nov 08)