Nmap Development mailing list archives

Re: [PATCH] sql-injection.nse arguments


From: Joao Correa <joao () livewire com br>
Date: Thu, 16 Jul 2009 20:07:40 -0300

Hi guys,

I've been discussing these changes with Fyodor and we both agreed
that it would be better if, instead of arguments, the script
could resolve the hostname by itself. I'm sending a new patch that
allows the code to resolve the hostname, exactly as it is done in
http.lua, enabling the script to scan virtually hosted websites.

The changes previously proposed were kept.

Thanks,
Joao

On Sat, Jul 11, 2009 at 2:33 PM, Joao Correa<joao () livewire com br> wrote:
Hello guys,

I was making a few tests with sql-injection.nse and, due to some
restrictions, I started getting annoyed about the big number of
websites that the script was unable to scan.

The way sql-injection.nse works makes it unable to scan virtually
hosted websites for SQL injections, due to the script being unable to
retrieve the website hostname. This patch creates an argument
(sql-injection.host) for the hostname, so if the user wants to scan a
virtually hosted website, he can just specify which is the website's
hostname. Also, I've introduced a second argument, called
sql-injection.start, which specifies the starting point for the scan
(sometimes it is useful to avoid initial pages with only Flash
introductions, or to scan only part of a large website tree).

The patch is very simple and also fixes some comments.

Attachment: sql-injection-hostname.diff

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org