Nmap Development mailing list archives
Re: Inconsistent results with httpspider.maxpagecount
From: xgermx <xgermx () gmail com>
Date: Mon, 12 May 2014 13:10:09 -0500
Hello George, I have tested the attached patch with success. I believe this should be committed. *Caveat emptor* This is the first time I've tested a patch like this, so I'm going to share the steps I took to test this. If something looks out of place or totally wrong, please let me know. -installed clean version of Ubuntu 14.04 -installed dev tools via 'build-essential' packages -cloned trunk via: svn co https://svn.nmap.org/nmap -copied httpspider_max.diff to Ubuntu system, nmap/nselib -patched file by issuing: "patch httpspider.lua < httpspider_maxpagecount_minusone_option.diff" -verified patch by diffing the updated httpspider.lua against https://svn.nmap.org/nmap/nselib/httpspider.lua -compiled via: ./configure, make, make install -performed same tests as bug identification, this time with consistent working results If I have made a mistake, kindly let me know. Thanks, xgermx On Sun, May 11, 2014 at 6:18 AM, George Chatzisofroniou <sophron () latthi com>wrote:
Hi, On Mon, May 05, 2014 at 12:54:35PM -0500, xgermx wrote:https://svn.nmap.org/nmap/nselib/httpspider.lua The "maxpagecount" argument inside the httpspider library offers the following option: A negative value disables the limit. This is similar to the httpspider.maxdepth option. In my testing using a negative number with maxpagecount often fails while using a negative number with maxpagedepth works consistently. This can been seen in some scripts utilizing the httpspider.maxpagecount such http-auth-finder. Sample command with debug using maxpagecount=99 http://pastebin.com/raw.php?i=5fkwLaDA Sample command with debug using maxpagecount=-1 http://pastebin.com/raw.php?i=w93i5MZ2 Environment info: Nmap 6.40 uname -a Linux KK 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali8 i686 GNU/Linux In my testing, I often encounter more errors with maxpagecount when combining multiple script arguments, although this is not alwaysrequired,as demonstrated in the pastes above. I will gladly administer more specific tests if advised.Thanks for this report. Can you please try the attached patch and let us know if the maxpagecount option now works as expected for negative values? -- George Chatzisofroniou
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Inconsistent results with httpspider.maxpagecount xgermx (May 10)
- Re: Inconsistent results with httpspider.maxpagecount George Chatzisofroniou (May 11)
- Re: Inconsistent results with httpspider.maxpagecount xgermx (May 14)
- Re: Inconsistent results with httpspider.maxpagecount George Chatzisofroniou (May 13)
- Re: Inconsistent results with httpspider.maxpagecount xgermx (May 14)
- Re: Inconsistent results with httpspider.maxpagecount George Chatzisofroniou (May 11)