Re: http-lfi.nse

["Arturo 'Buanzo' Busleiman" <buanzo () buanzo com ar>]

+1 to Ron's comments. I was thinking the same yesterday.


On 6/5/12, Ron <ron () skullsecurity net> wrote:
> On Sat, 2 Jun 2012 20:21:19 +0530 SAN THO <saminside34 () gmail com> wrote:
> > Hi Nmap-Dev,
> >
> >   attaching my new NSE. looking forward to hear your feedback on this
> >
> > --
> > Thanks,
> > SANTHO
> > twitter : @sam34_ <http://twitter.com/sam34_>
>
> This code:
>       local param = tostring(nmap.registry.args[SCRIPT_NAME .. '.param'])
>       local cookie = tostring(nmap.registry.args[SCRIPT_NAME .. '.cookie'])
>       local resource = tostring(nmap.registry.args[SCRIPT_NAME .. '.resource'])
>
> Should use stdnse.get_script_args(). I believe the syntax (it's been awhile
> since I've done this) should be:
>
> local param, cookie, resource = get_script_args('param', 'cookie',
> 'resource')
>
> That being said, it seems kinda pointless to have a script where the user
> has to provide a param/cookie/resource. If I already have an idea of which
> param is going to be vulnerable to LFI - and, worse yet, I already know
> which file I want to resource - I don't need Nmap to check it for me. I can
> just check it in a browser or Burp Suite or any number of tools.
>
> I can only see this being useful if it automatically checks all parameters
> discovered by http-spider.nse.
>
> Ron
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/

-- 
Sent from my mobile device
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/