Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] Improved TRACE/TRACK detection script

From: <Patrick.Bogen () foundstone com>
Date: Tue, 18 Oct 2011 11:02:44 -0700
Direct link to the script: http://opensecurityresearch.com/files/http-trace-track.nse
Article explaining the improvements: 
http://blog.opensecurityresearch.com/2011/10/updated-http-tracetrack-plugin-for-nmap.html

Summary:
        * both TRACE and TRACK
        * HTTP/1.1
        * semi-intelligent false positive reduction (compares TRACE/TRACK response to a valid GET response and an 
invalid/made up verb response; verb is only "supported" if the response is HTTP 200, and it differs from the GET 
response, and it differs from the invalid verb response.)

(p.s., please CC me on any replies; I'm not subscribed to the list. If this isn't the correct place to submit a script 
for inclusion, I apologize, and would appreciate any redirection to the proper place.)
--
Patrick Bogen
Consultant
Foundstone Professional Services

Follow Foundstone on Twitter: http://twitter.com/Foundstone
Incident Response & Forensics:  http://www.foundstone.com/IR

http://www.foundstone.com
http://www.mcafee.com
PGP Key: http://www.foundstone.com/us/pgpkeys/patrickbogen.asc
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: