Nmap Development mailing list archives
Re: Apache killer 3192
From: Adrian Coelho <adrian.coelho () gmail com>
Date: Mon, 12 Sep 2011 08:56:36 -0700
This is the response for a 443 session for script http://nmap.org/svn/scripts/http-vuln-cve2011-3192.nse *NSE: Starting runlevel 1 (of 1) scan. NSE: Starting http-vuln-cve2011-3192 against x.x.x.x:443. NSE: Script scanning x.x.x.x Initiating NSE at 18:21 NSE: Setting the request path to '/' since 'http-vuln-cve2011-3192.path' argument is missing. NSE: http-vuln-cve2011-3192: Functionality check HEAD request failed for x.x.x.x (with path '/'). NSE: Finished http-vuln-cve2011-3192 against x.x.x.x:443. Completed NSE at 18:21, 0.18s elapsed Host is up, received user-set (0.089s latency). Scanned at 2011-09-12 18:21:33 BST for 1s PORT STATE SERVICE REASON 443/tcp open https syn-ack Final times for host: srtt: 89171 rttvar: 89171 to: 445855* On Mon, Sep 12, 2011 at 3:47 AM, Henri Doreau <henri.doreau () greenbone net>wrote:
2011/9/12 Adrian Coelho <adrian.coelho () gmail com>:Hi, I tried the apache killer script on few webservers running https(443/tcp) and it was not able to determine if the server is vulnerable or not? Am I missing something or does the script need some tweaking?Regards, Adrian CoelhoHello, Not sure what happened there... what do you mean by "not able to determine"? If you get no output it's likely that your target isn't vulnerable, as by default the script won't display anything if the target isn't vulnerable, in order to avoid bloating the output. There might also be a problem with the script though. Can you try to run it with debug mode enabled (-d)? That should give you much more information about what actually happens. Regards. -- Henri
-- Thanks, Adrian _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Apache killer 3192 Adrian Coelho (Sep 12)
- Re: Apache killer 3192 Henri Doreau (Sep 12)
- Re: Apache killer 3192 Adrian Coelho (Sep 12)
- Re: Apache killer 3192 Henri Doreau (Sep 12)
- Re: Apache killer 3192 Adrian Coelho (Sep 12)
- Re: Apache killer 3192 Henri Doreau (Sep 12)
- Re: Apache killer 3192 John Bond (Sep 12)
- Re: Apache killer 3192 Adrian Coelho (Sep 12)
- Re: Apache killer 3192 Duarte Silva (Sep 13)
- Re: Apache killer 3192 Adrian Coelho (Sep 12)
- Re: Apache killer 3192 Henri Doreau (Sep 12)