Nmap Development mailing list archives

Re: Apache killer 3192

From: Adrian Coelho <adrian.coelho () gmail com>
Date: Mon, 12 Sep 2011 06:09:07 -0700

hi,

the scripts works for port 80. It detects if a server is vulnerable to
Apache Killer. For port 443, iI get the following error....

*Initiating NSE at 15:33
NSE: Setting the host name to 'x.x.x.x' since
'http-vuln-cve2011-3192.hostname' argument is missing.
NSE: http-vuln-cve2011-3192 against x.x.x.x:443 threw an error!
.../local/share/nmap/scripts/http-vuln-cve2011-3192.nse:86: variable
'script_opts' is not declared
stack traceback:
        [C]: in function 'error'
        /usr/local/share/nmap/nselib/strict.lua:69: in function
</usr/local/share/nmap/nselib/strict.lua:60>
        .../local/share/nmap/scripts/http-vuln-cve2011-3192.nse:86: in
function <.../local/share/nmap/scripts/http-vuln-cve2011-3192.nse:41>
        (tail call): ?

Completed NSE at 15:33, 0.02s elapsed

Completed NSE at 15:33, 0.02s elapsed
Nmap scan report for
Host is up, received syn-ack (0.0089s latency).
Scanned at 2011-09-12 15:33:40 BST for 2s
PORT    STATE    SERVICE REASON
80/tcp  filtered http    no-response
443/tcp open     https   syn-ack
Final times for host: srtt: 8850 rttvar: 6639  to: 100000

NSE: Starting runlevel 1 (of 1) scan.
Read from /usr/local/share/nmap: nmap-payloads nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 2.66 seconds
           Raw packets sent: 9 (372B) | Rcvd: 2 (88B)
*
any help?


On Mon, Sep 12, 2011 at 3:47 AM, Henri Doreau <henri.doreau () greenbone net>wrote:

2011/9/12 Adrian Coelho <adrian.coelho () gmail com>:


Hi,

I tried the apache killer script on few webservers running https

(443/tcp) and it was not able to determine if the server is vulnerable or
not? Am I missing something or does the script need some tweaking?


Regards,

Adrian Coelho

Hello,

Not sure what happened there... what do you mean by  "not able to
determine"?

If you get no output it's likely that your target isn't vulnerable, as
by default the script won't display anything if the target isn't
vulnerable, in order to avoid bloating the output. There might also be
a problem with the script though. Can you try to run it with debug
mode enabled (-d)? That should give you much more information about
what actually happens.

Regards.

--
Henri




-- 
Thanks,
Adrian
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Apache killer 3192 Adrian Coelho (Sep 12)
- Re: Apache killer 3192 Henri Doreau (Sep 12)
  - Re: Apache killer 3192 Adrian Coelho (Sep 12)
    - Re: Apache killer 3192 Henri Doreau (Sep 12)
  - Re: Apache killer 3192 Adrian Coelho (Sep 12)
    - Re: Apache killer 3192 Henri Doreau (Sep 12)
    - Re: Apache killer 3192 John Bond (Sep 12)
    - Re: Apache killer 3192 Adrian Coelho (Sep 12)
    - Re: Apache killer 3192 Duarte Silva (Sep 13)