Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] http-waf-fingerprint.nse

From: Djalal Harouni <tixxdz () opendz org>
Date: Sun, 10 Jun 2012 14:17:10 +0100
Hi,

Thanks for the script.


You have probably discussed this with Henri, but I just want to bring it
here:
Why fingerprints are included in the script ?


Perhaps adding an 'author' field will bring new fingerprints ?


On Fri, Jun 08, 2012 at 11:44:07AM +0100, Hani Benhabiles wrote:

netscaler = {
    name = "Citrix Netscaler",
    detected = false,
    version = nil,

    match = function(responses)
        for _, response in pairs(responses) do

            -- TODO Check for other version detection possibilities
            -- based on fingerprint difference
            if response.header.via and string.find(response.header.via, 'NS-CACHE') then -- 
                stdnse.print_debug("%s Citrix Netscaler detected through Via Header.", SCRIPT_NAME)
                netscaler.version = string.sub(response.header.server, 10, 12)

In other places you have the checks, but here the check that
response.header.server is set is missing...

Another quick review ?

Thanks.

-- 
tixxdz
http://opendz.org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: