Nmap Development mailing list archives
Re: [NSE] NSE HTTP library
From: Sven Klemm <sven () c3d2 de>
Date: Mon, 21 Jan 2008 07:28:16 +0100
Thomas Buchanan wrote:
I had a couple of other observations while I was testing this patch: 1. It might be helpful to check the status and error codes from the socket:connect() and socket:send() calls in http:request(). If we get an error from either call, I don't think it should try and continue to read or write data from the socket.
You are right. I've added this.
2. It would be nice to be able to pass a timeout value to get(), get_url(), etc. The default timeout seems to be 30 seconds, which can be a long time to wait for some of us. :)
I added another parameter to all functions for passing options. The
call to get() with setting the timeout would look like this:
http.get( host, port, '/', {timeout=5000})
I decided to use a table for the options so it's easy to add further
options without changing the function signature.
Cheers,
Sven
--
Sven Klemm
http://cthulhu.c3d2.de/~sven/
-- See nmaps COPYING for licence
module(...,package.seeall)
require 'stdnse'
require 'url'
--
-- http.get( host, port, path )
-- http.request( host, port, request )
-- http.get_url( url )
--
-- host may either be a string or table
-- port may either be a number or a table
--
-- the format of the return value is a table with the following structure:
-- {status = 200, header = {}, body ="<html>...</html>"}
-- the header table has an entry for each received header with the header name being the key
-- the table also has an entry named "status" which contains the http status code of the request
-- in case of an error status is nil
-- fetch relative URL with get request
get = function( host, port, path, options )
local hostname = host
if type(host) == 'table' then
hostname = ( host.name ~= '' and host.name ) or host.ip
end
local data
data = "GET "..path.." HTTP/1.1\r\n"
data = data .. "Host: "..hostname.."\r\n"
data = data .. "User-Agent: Nmap NSE\r\n"
data = data .. "Connection: close\r\n\r\n"
return request( host, port, data, options )
end
-- fetch URL with get request
get_url = function( u, options )
local parsed = url.parse( u )
local port = {}
port.service = parsed.scheme
port.number = parsed.port
if not port.number then
if parsed.scheme == 'https' then
port.number = 443
else
port.number = 80
end
end
local path = parsed.path or "/"
if parsed.query then
path = path .. "?" .. parsed.query
end
return get( parsed.host, port, path )
end
-- send http request and return the result as table
-- host may be a table or the hostname
-- port may be a table or the portnumber
request = function( host, port, data, options )
options = options or {}
if type(host) == 'table' then
host = ( host.name ~= '' and host.name ) or host.ip
end
local protocol = 'tcp'
if type(port) == 'table' then
if nmap.have_ssl() and ( port.service == 'https' or ( port.version and port.version.service_tunnel == 'ssl' ) ) then
protocol = 'ssl'
end
port = port.number
end
local result = {status=nil,header={},body=""}
local socket = nmap.new_socket()
if options.timeout then
socket:set_timeout( options.timeout )
end
if not socket:connect( host, port, protocol ) then
return result
end
if not socket:send( data ) then
return result
end
local buffer = stdnse.make_buffer( socket, "\r?\n" )
local status, line, _
local header, body = {}, {}
-- header loop
while true do
status, line = buffer()
if (not status or line == "") then break end
table.insert(header,line)
end
-- build nicer table for header
for key, value in pairs( header ) do
if key == 1 then
local code
_, _, code = string.find( value, "HTTP/%d\.%d (%d+)")
result.status = tonumber(code)
else
_, _, key, value = string.find( value, "(.+): (.*)" )
if key and value then
key = key:lower()
value = value:gsub( '[\r\n]+', '' )
if result.header[key] then
result.header[key] = result.header[key] .. '\n' .. value
else
result.header[key] = value
end
end
end
end
-- body loop
while true do
status, line = buffer()
if (not status) then break end
table.insert(body,line)
end
socket:close()
result.body = table.concat( body, "\n" )
return result
end
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE] NSE HTTP library Sven Klemm (Jan 16)
- Re: [NSE] NSE HTTP library Kris Katterjohn (Jan 16)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 17)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 18)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 18)
- RE: [NSE] NSE HTTP library Thomas Buchanan (Jan 18)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 18)
- Re: [NSE] NSE HTTP library Thomas Buchanan (Jan 19)
- RE: [NSE] NSE HTTP library Thomas Buchanan (Jan 19)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 20)
- Re: [NSE] NSE HTTP library Fyodor (Jan 31)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 31)
- RE: [NSE] NSE HTTP library Thomas Buchanan (Jan 31)
- Re: [NSE] NSE HTTP library Kris Katterjohn (Jan 31)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 31)
- Re: [NSE] NSE HTTP library Fyodor (Jan 31)
- Re: [NSE] NSE HTTP library Kris Katterjohn (Jan 31)
- Re: [NSE] NSE HTTP library Sven Klemm (Feb 01)
- Re: [NSE] NSE HTTP library Fyodor (Feb 01)
- Re: [NSE] NSE HTTP library Sven Klemm (Jan 17)
- Re: [NSE] NSE HTTP library Kris Katterjohn (Jan 16)