Nmap Development mailing list archives
Re: NSE script: HTTP Internal IP Address Disclosure
From: Patrick Donnelly <batrick () batbytes com>
Date: Mon, 30 May 2016 21:44:13 -0400
Hi Josh,

On Mon, May 30, 2016 at 6:12 AM, Josh Amishav-Zlatin <jamuse () gmail com> wrote:
> I attached an NSE script that checks if the remote web server discloses its internal IP address when sending an HTTP/1.0 request without a Host header. While this is a common issue for certain unpatched versions of IIS, other misconfigured web servers can be vulnerable as well.

Interesting script idea! Few comments:

o Don't declare locals at the top of functions unless necessary for some specific reason (e.g. wider variable scope required). Declare locals at first use. (specifically looking at generateHttpV1_0Req.)
o The location local in generateHttpV1_0Req appears unused?
o Use the string method access for brevity/performance: Instead of string.match(lines, ...), do lines:match(...).
o Perhaps the script should only report internal IPs if different from host.ip?
o The validateIP function looks appropriate for a library (if it is not already written). Perhaps the ipOps library.

--
Patrick Donnelly
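The review points above, sketched in plain Lua as an added example (this is not the script attached to the thread and not Nmap code): locals declared at first use, method-style string calls, and a private address reported only when it differs from the scanned host's IP. The function names, the sample response and the addresses are constructed for illustration, and no NSE libraries are used.

```lua
-- Constructed sample: a reply to an HTTP/1.0 request sent without a Host header.
local sample_response = table.concat({
  "HTTP/1.0 302 Found",
  "Location: http://10.1.2.3/images/",
  "Content-Length: 0",
  "", "",
}, "\r\n")

-- Hypothetical helper: true only for a well-formed dotted quad
-- that falls inside an RFC 1918 private range.
local function is_private_ipv4(ip)
  local a, b, c, d = ip:match("^(%d+)%.(%d+)%.(%d+)%.(%d+)$")
  if not a then return false end
  local octets = { tonumber(a), tonumber(b), tonumber(c), tonumber(d) }
  for _, o in ipairs(octets) do
    if o > 255 then return false end
  end
  return octets[1] == 10
    or (octets[1] == 172 and octets[2] >= 16 and octets[2] <= 31)
    or (octets[1] == 192 and octets[2] == 168)
end

-- Hypothetical helper: collects private addresses found in the header block,
-- skipping duplicates and the address the scanner already connected to.
local function find_internal_ips(response, host_ip)
  local headers = response:match("^(.-)\r\n\r\n") or response
  local found, seen = {}, {}
  for ip in headers:gmatch("%d+%.%d+%.%d+%.%d+") do
    if is_private_ipv4(ip) and ip ~= host_ip and not seen[ip] then
      seen[ip] = true
      found[#found + 1] = ip
    end
  end
  return found
end

-- Scanned through a public address: the private address is a disclosure.
print(table.concat(find_internal_ips(sample_response, "203.0.113.10"), ", "))
-- Scanned from inside the same network: nothing new is disclosed.
print(#find_internal_ips(sample_response, "10.1.2.3"))
```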