Nmap Development mailing list archives

Re: [NSE] HTTP TRACE script


From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Sat, 1 Sep 2007 22:12:21 -0500

On 9/1/07, Kris Katterjohn <katterjohn () gmail com> wrote:

I wrote:

I've attached an NSE script which sends an HTTP TRACE command to a
server and examines the response for modifications.


In what Brandon calls poor form, I'm replying to myself:

I missed something that never came up in initial testing, but showed up
twice in one scan (-iR 5000) this morning: a host sending a 200 OK, but
actually being a 400-level error HTML message with no trace.

After rescanning the guilty hosts with the attached script and using
--script-trace, it seems to work fine.

I attached the copy so you can test it out without patching, but here's
the diff:


In what Brandon would probably call extremely poor form, I'm replying to
myself again :)

I've applied a modified script to SVN, which should be better.  It only
prints the modifications from the request, and only prints, at most, the
first 5 additional lines of it.  Also, it's only in the "discovery" category
rather than in "safe" too.

Thanks,
Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
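
The checks described in the message above, as an added example that is not part of the original post and is not the script committed to SVN: a 200 OK is only treated as a trace when the body echoes the request, and only echoed lines that differ from the request are reported, capped at 5. It is plain Lua with no Nmap libraries; the function names, verdict strings, host names and sample responses are all constructed for illustration.

```lua
-- Added example: plain Lua, no Nmap libraries. All names and data are constructed.

-- Split text into lines (CRLF or LF), dropping trailing empty lines.
local function split_lines(text)
  local lines = {}
  for line in (text .. "\n"):gmatch("(.-)\r?\n") do lines[#lines + 1] = line end
  while #lines > 0 and lines[#lines] == "" do lines[#lines] = nil end
  return lines
end

-- Compare a TRACE request with the raw response; return a verdict and the
-- echoed lines that were not in the request, capped at max_lines.
local function analyze_trace(request, response, max_lines)
  max_lines = max_lines or 5
  local status = response:match("^HTTP/%d%.%d (%d%d%d)")
  local _, head_end = response:find("\r\n\r\n", 1, true)
  if not status or not head_end then return { verdict = "unparsable" } end
  if status ~= "200" then return { verdict = "trace refused", status = status } end
  local body = response:sub(head_end + 1)
  -- A 200 whose body is not the echoed request (e.g. an HTML error page) is not a trace.
  if not body:match("^TRACE ") then return { verdict = "200 without trace" } end
  local sent = {}
  for _, line in ipairs(split_lines(request)) do sent[line] = true end
  local result = { verdict = "trace echoed", changed = {}, total = 0 }
  for _, line in ipairs(split_lines(body)) do
    if line ~= "" and not sent[line] then
      result.total = result.total + 1
      if #result.changed < max_lines then result.changed[#result.changed + 1] = line end
    end
  end
  return result
end

-- Constructed sample data: one echo modified by an intermediary, one fake 200.
local request = "TRACE / HTTP/1.0\r\nHost: www.example.test\r\n\r\n"
local via_proxy = "HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n" ..
  "TRACE / HTTP/1.0\r\nHost: www.example.test\r\nVia: 1.1 cache.example.test\r\n" ..
  "X-Forwarded-For: 192.0.2.10\r\n\r\n"
local fake_ok = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n" ..
  "<html><body><h1>405 Method Not Allowed</h1></body></html>"

for _, case in ipairs({ { "via_proxy", via_proxy }, { "fake_ok", fake_ok } }) do
  local r = analyze_trace(request, case[2])
  print(case[1], r.verdict, r.total or 0)
  for _, line in ipairs(r.changed or {}) do print("  " .. line) end
end
```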

