Nmap Development mailing list archives
[NSE] http-cakephp-version: False Positive
From: Tom Sellers <nmap () fadedcode net>
Date: Sun, 29 May 2011 09:33:13 -0500
Paulino,

It looks like there is a logic bug in http-cakephp-version that results in 'http-cakephp-version: Version of codebase: 1.3.x' being returned for any query against an HTTP port where the response is not 200. File not found, response 404, and Unauthorized, response 401, are two examples of this.
This can be reproduced using the following command line:

    sudo nmap -sSCV -p80 --script=http-cakephp-version.nse www.google.com

    80/tcp open  http    Google httpd 2.0 (GFE)
    |_http-cakephp-version: Version of codebase: 1.3.x

The problem appears to be in lines 62 and 63 where it reports 1.3.x for any Non-200 response.

    58    -- Is /js/vendors.php there?
    59    response = http.get(host, port, VENDORS_QUERY)
    60    if response.body and response.status == 200 then
    61      installation_version = {"1.1.x","1.2.x"}
    62    elseif response.status ~= 200 then        ******
    63      installation_version = {"1.3.x"}        ******
    66    end

I would recommend adjusting the logic to include some form of positive check for the presence of CakePHP and removing the default 1.3.x version stamp for non-200 HTTP responses.

Thanks much,

Tom

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
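
The branch quoted in the message above, next to a variant gated on a positive check, as an added example that is not part of the original post or of the Nmap script. The responses are constructed, `cake_marker_found` is a hypothetical flag standing in for whatever CakePHP fingerprint the script would use, and treating a 404 on vendors.php as 1.3.x once CakePHP is confirmed is an assumption of this example.

```lua
-- Added example, not the script's own code. All sample responses are constructed.

-- Logic as quoted in the post: any non-200 answer is stamped 1.3.x.
local function version_as_quoted(response)
  if response.body and response.status == 200 then
    return {"1.1.x", "1.2.x"}
  elseif response.status ~= 200 then
    return {"1.3.x"}
  end
  return nil
end

-- Gated logic: without a positive CakePHP fingerprint nothing is reported.
-- cake_marker_found is a hypothetical input; how it is obtained is out of scope.
local function version_with_positive_check(response, cake_marker_found)
  if not cake_marker_found then
    return nil
  end
  if response.status == 200 and response.body then
    return {"1.1.x", "1.2.x"}
  elseif response.status == 404 then
    -- Assumption of this example: only a definite "not found" narrows to 1.3.x.
    return {"1.3.x"}
  end
  return nil -- 401, 403, redirects, 5xx: the probe proves nothing
end

local function show(v)
  return v and table.concat(v, ", ") or "(no output)"
end

-- Constructed cases: two hosts that do not run CakePHP, two that do.
local cases = {
  {name = "no CakePHP, 404",        response = {status = 404, body = "Not Found"}, cake = false},
  {name = "no CakePHP, 401",        response = {status = 401, body = ""},          cake = false},
  {name = "CakePHP, vendors.php",   response = {status = 200, body = "<?php"},     cake = true},
  {name = "CakePHP, no vendors.php", response = {status = 404, body = ""},         cake = true},
  {name = "CakePHP, 401 on probe",  response = {status = 401, body = ""},          cake = true},
}

for _, c in ipairs(cases) do
  print(string.format("%-26s quoted=%-14s gated=%s", c.name,
    show(version_as_quoted(c.response)),
    show(version_with_positive_check(c.response, c.cake))))
end
```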