Nmap Development mailing list archives
Re: Enhanced Version of HTTPtrace.nse
From: Thomas Buchanan <tbuchanan () thecompassgrp net>
Date: Thu, 13 Dec 2007 20:07:20 -0600
Rob Nicholls wrote: <snip>
I changed the portrule so it'll test any open tcp port that's detected by nmap as "http" or "https" (obviously, a version scan needs to be performed to identify unusual ports), as Kris' original script only tested 80 or 8080. It should also be obvious that the Windows client won't see "https", they'll get "ssl", so the script won't run against secure HTTP servers for Windows based nmap users. I haven't tested this script using nmap on a Linux host (yet), but I'm hoping adding the rule to support https shouldn't be a problem. I'm sure someone will let me know otherwise.
Rob, I think it takes a little more than this to enable SSL support. You have to pass a different protocol ("ssl" instead of "tcp") to the socket:connect() call for SSL connections. See showHTMLTitle.nse for an example. Also, you may want to use the recently introduced nmap.have_ssl() to test whether Nmap was compiled with SSL support. Hope this helps, Thomas _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Enhanced Version of HTTPtrace.nse Rob Nicholls (Dec 13)
- Re: Enhanced Version of HTTPtrace.nse Kris Katterjohn (Dec 13)
- Re: Enhanced Version of HTTPtrace.nse jah (Dec 13)
- RE: Enhanced Version of HTTPtrace.nse Rob Nicholls (Dec 13)
- RE: Enhanced Version of HTTPtrace.nse Rob Nicholls (Dec 13)
- Re: Enhanced Version of HTTPtrace.nse Thomas Buchanan (Dec 13)
- RE: Enhanced Version of HTTPtrace.nse Rob Nicholls (Dec 14)
- RE: Enhanced Version of HTTPtrace.nse Rob Nicholls (Dec 14)
- Re: Enhanced Version of HTTPtrace.nse Fyodor (Dec 15)
- RE: Enhanced Version of HTTPtrace.nse Rob Nicholls (Dec 14)
- Re: Enhanced Version of HTTPtrace.nse Kris Katterjohn (Dec 13)