Nmap Development mailing list archives
Re: [NSE] script to detect phpfilevault version 09
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 19 Aug 2016 16:49:35 -0500
Johanna,

Thanks for this contribution. Given the simplicity of the check, I think you could easily convert it to a http-enum fingerprint [1]. Check out the fingerprints file in nselib/data/http-fingerprints.lua. This has the added benefit of handling a few common cases that might cause false-positives, specifically servers that return 200 OK for every request.

I don't think it would work well as a standalone script because of how little this plugin is used: only 119 downloads in the last year, 90 or so of which came immediately after the vulnerability was disclosed.

Let us know how it goes! We'd be glad to help and credit you with your first entry in the CHANGELOG.

Dan

[1] https://nmap.org/nsedoc/scripts/http-enum.html

On Thu, Jul 28, 2016 at 10:58 PM, Johanna Curiel <johannapcuriel () gmail com> wrote:
Hi list,

Couple of days ago the following vulnerability was reported
https://www.exploit-db.com/exploits/40163/

I wrote the following nse script (tested)
https://github.com/jowasp/nmap/blob/master/scripts/http-phpfilevault09-dir-traversal.nse

Cheers

Johanna

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/