Nmap Development mailing list archives

Re: [NSE] http.lua and delimiters


From: David Fifield <david () bamsoftware com>
Date: Wed, 1 Oct 2008 22:00:55 -0600

On Thu, Oct 02, 2008 at 03:09:26AM +0100, jah wrote:
> I've spent the evening on the rather arduous task of verifying that my
> proposed changes to the http library work as expected and comparing the
> results with the current version.  I knocked-up a quick script which
> uses both versions of the library to perform http.get(), print the
> status code, each of the header values and the length of the body.  I
> ran wireshark whilst this ran against 142 hosts and then manually
> verified that the script results matched the wireshark capture.  I
> checked that the response code matched, that all of the headers were
> captured and that the body length was correct.
>
> Of the 142 hosts with port 80 open, the current library failed 34 times
> and the new version 0 times.

I have to say, those are compelling numbers. I may have been too quick
to judge your patch earlier. I'm looking forward to seeing your updated
patch.

> I'm pretty much ready to submit an updated patch as used for this test,
> but there's just one thing I'm wondering about adding.  The header value
> containing the status code (Status-Line) is currently discarded after
> the code itself is captured, but I'm tending toward keeping it to be
> more complete.  Also, sometimes they're almost interesting:
> HTTP/1.1 403 Forbidden ( The server denied the specified Uniform
> Resource Locator (URL). Contact the server administrator.  )

That's fine by me. I don't think it should be part of the header, rather a
separate table entry, because it appears it's not really considered part
of the header:

        generic-message = start-line
                          *(message-header CRLF)
                          CRLF
                          [ message-body ]
        start-line      = Request-Line | Status-Line

        message-header = field-name ":" [ field-value ]

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
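
As an added example (not part of the original message and not Nmap's http.lua), a minimal Lua parser that follows the grammar quoted above: the Status-Line is stored in its own table entry, separate from the header table. The function name, the table field names, and the tolerance for bare LF line endings are assumptions.

```lua
-- Added example, not Nmap's http.lua. parse_response and the field names
-- ("status-line", status, header, body) are hypothetical.
local function parse_response(raw)
  local result = { header = {} }
  -- The first empty line ends the header section. Assumption: accept bare LF
  -- as well as CRLF, since some servers omit the CR.
  local s, e = raw:find("\r?\n\r?\n")
  local head = s and raw:sub(1, s - 1) or raw
  result.body = s and raw:sub(e + 1) or ""

  local lines = {}
  for line in (head .. "\n"):gmatch("(.-)\r?\n") do
    lines[#lines + 1] = line
  end

  -- start-line: kept whole in its own entry, never in result.header.
  local code = lines[1]:match("^HTTP/%d+%.%d+ +(%d%d%d)")
  if not code then return nil, "malformed Status-Line" end
  result["status-line"] = lines[1]
  result.status = tonumber(code)

  -- message-header = field-name ":" [ field-value ]
  local last
  for i = 2, #lines do
    local name, value = lines[i]:match("^([^%s:]+):[ \t]*(.-)[ \t]*$")
    if name then
      last = name:lower()
      local prev = result.header[last]
      -- Repeated list-valued fields may be joined with commas (RFC 2616, 4.2).
      result.header[last] = prev and (prev .. "," .. value) or value
    elseif last and lines[i]:match("^[ \t]") then
      -- Folded continuation line: append to the previous field-value.
      local cont = lines[i]:match("^[ \t]+(.-)[ \t]*$")
      result.header[last] = result.header[last] .. " " .. cont
    end
  end
  return result
end

-- Constructed sample: bare-LF line endings and the reason phrase from the thread.
local sample = "HTTP/1.1 403 Forbidden ( The server denied the specified " ..
  "Uniform Resource Locator (URL). Contact the server administrator.  )\n" ..
  "Content-Type: text/html\nContent-Length: 5\n\nhello"
local r = assert(parse_response(sample))
print(r.status, r["status-line"])
print(r.header["content-type"], r.header["content-length"], #r.body)
```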

