Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NSE http lib cookies

From: Ryan Dewhurst <ryandewhurst () gmail com>
Date: Mon, 14 Mar 2011 22:47:15 +0000
This doesn't seem to work for me in Nmap 5.50 unless I am being dumb.

On Mon, Mar 14, 2011 at 10:38 PM, Patrik Karlsson <patrik () cqure net> wrote:


Hi Ryan,

You can use the following example code to iterate over cookies and their
attributes:

for _, cookie in ipairs(result.cookies) do
       stdnse.print_debug(0, "Cookie: name=%s; value=%s; path=%s",
cookie.name, cookie.value, cookie.path)
end

//Patrik

On Mar 14, 2011, at 11:29 , Ryan Dewhurst wrote:


Hi,

I am attempting to write a NSE script for an experiment however I am

having

trouble accessing HTTP response cookies from the http lib. I think this

is

due to my lack of understanding of how LUA works.

What I am trying to do is send a HTTP request, then access the HTTP

response

cookies for later manipulation. I managed to do this by using strsplit()

on

rawheaders() but then noticed the cookies() method and thought it would

be

cleaner to use.

I thought the following would have worked, but it does not:
result.cookies[1].name

Here is a pastie of the code:
http://pastie.org/1669666

Here is the command I am using:
nmap -sT www.bbc.co.uk -n -PN -p 80,443

--script=http-null-cookie-fpd.nse


I suspect its just a case of me not knowing the syntax however have spent
many hours trying different variations.

Thank you,
Ryan

Ryan Dewhurst

blog www.ethicalhack3r.co.uk
projects www.dvwa.co.uk | www.webwordcount.com
twitter www.twitter.com/ethicalhack3r
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: