Nmap Development mailing list archives

Re: Fix for HTTP_open_proxy.nse


From: Sven Klemm <sven () c3d2 de>
Date: Fri, 03 Oct 2008 09:49:10 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Vlatko Kosturjak wrote:
|> I think it's not necessary to do regular expression-matching here as
|> the service field can only have values from either nmap-services or
|> nmap-service-probes. A better fix for the portrule is probably
|> portrule =
|> shortport.port_or_service({3128,8000,8080},{'squid-http','http-proxy'})
|
| If you take a look at the original source, it checked for the following:
|
| if      (port.number == 3128 or port.number == 8080 or port.service ==
| "http-proxy" or port.service == "squid-proxy" or port.service ==
| "squid-proxy?")
|
| So, it checked for "squid-proxy" and "squid-proxy?". Your suggestion
| wouldn't detect that (it's probably an older version of squid detection
| display). Not sure if we need that, but just want to make sure we don't
| miss anything.
|
| Also, does the portrule you suggested detect "squid-http?" and
| "http-proxy?"?

There is no "squid-http?" or "http-proxy?" service. The question mark
after the service name is shown by nmap in the commandline output when
you scan with service detection enabled but nmap could not verify the
service on the port.
In this case port.service would still be "squid-http" or "http-proxy"
without the question mark.

| Let me know your thoughts, so I can write new patch according to our
| discussion.

David has already merged your patch and my portrule suggestion and
committed it (revision 10456).

Cheers,
Sven


- --
Sven Klemm
http://cthulhu.c3d2.de/~sven/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjlznYACgkQevlgTHEIT4a+wwCbByvGdWCTFcha1Y2GwlFx1720
P6sAn3A06/zoQsia8MpDG17gaFXDS1ig
=GrY8
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

