Nmap Development mailing list archives
Re: NSE Script http-methods.nse
From: Bernd Stroessenreuther <berny1 () users sourceforge net>
Date: Tue, 23 Feb 2010 20:26:21 +0100
Hi David,
That has some good ideas. I like the idea of using a nonexistent method for enumeration. You can use that to get the methods from an Ncat HTTP proxy: $ ncat -l --proxy-type http $ ncat localhost BOGUS http://test/ HTTP/1.0 HTTP/1.0 405 Method Not Allowed Allow: CONNECT, GET, HEAD, POST $ ncat localhost OPTIONS http://test/ HTTP/1.0 HTTP/1.0 405 Method Not Allowed Allow: CONNECT, GET, HEAD, POST
Using a non existant method has - from my point of view - one major disadvantage: A reverse proxy might notice this invalid request and might drop it, e. g. giving a 403 or something else. You might not even get trough to the target system. A valid HTTP method like OPTIONS has much better chances to get through. And I think currently more and more companies build up revese proxies in front of their web applications to better protect them. Best regards, Bernd Stroessenreuther _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: NSE Script http-methods.nse, (continued)
- Re: NSE Script http-methods.nse David Fifield (Feb 22)
- Re: NSE Script http-methods.nse Fyodor (Feb 22)
- Re: NSE Script http-methods.nse Patrik Karlsson (Feb 23)
- Re: NSE Script http-methods.nse David Fifield (Feb 23)
- Re: NSE Script http-methods.nse Patrik Karlsson (Feb 23)
- Re: NSE Script http-methods.nse David Fifield (Mar 02)
- Re: NSE Script http-methods.nse Daniel Roethlisberger (Mar 05)
- Re: NSE Script http-methods.nse Bernd Stroessenreuther (Mar 05)
- Re: NSE Script http-methods.nse Vlatko Kosturjak (Feb 21)
- Re: NSE Script http-methods.nse David Fifield (Feb 22)
- Re: NSE Script http-methods.nse Bernd Stroessenreuther (Feb 23)
- Re: NSE Script http-methods.nse David Fifield (Feb 23)