Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] http-form-brute enhancement

From: Shritam Bhowmick <shritam.bhowmick () gmail com>
Date: Mon, 13 Oct 2014 22:35:10 +0530
Testing the same since I am keeping a track on this.

Regards
Shritam Bhowmick
Technical Specialist and Web Application Penetration Tester,
Defencely
http://www.defencely.com

The information contained herein (including any accompanying documents) is
confidential and is intended solely for the addressee(s). It may contain
proprietary, confidential, privileged information or other information
subject to legal restrictions. If you are not the intended recipient of
this message, please do not read, copy, use or disclose this message or its
attachments. Please notify the sender immediately and delete all copies of
this message and any attachments. This e-mail message including
attachment(s), if any, is believed to be free of any virus. However, it is
the responsibility of the recipient to ensure for absence of viruses.
OpenFire Technologies shall not be held responsible nor does it accept
any liability for any damage arising in any way from its use.


On Mon, Oct 13, 2014 at 10:27 PM, <nnposter () users sourceforge net> wrote:


nnposter wrote:

* The new version has a direct dependency on url.build_query()
performing URL encoding of parameter names and values. It only impacts
GET-based forms. (See http://seclists.org/nmap-dev/2014/q3/427 for
details.)


Daniel Miller wrote:

I committed this (with an minor update for compatibility with a change I
made last night) in r33703.


I have noticed that my patch for http-form-brute got committed without
the above-mentioned dependency. Please let me know if there are any
issues with my proposal (for letting url.parse_query() and
url.build_query() perform automatic URL encoding/decoding).


Cheers,
nnposter
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: