Re: [NSE] new script - http-exif-spider

[Ron <ron () skullsecurity net>]

On Thu, 26 Jul 2012 15:29:00 +0200 Patrik Karlsson <patrik () cqure net> wrote:
> Cool script! Some comments after a very quick look:
> There's some trailing byte \xB4 after the model, should it be there?
That's there in the file.. I don't know why, but I figured I'd just leave it. 

> Would it make sense to remove the constants that are not being used?
I personally like it, it makes it easier to expand later and makes it easier for people who need the list for whatever 
reason, but it doesn't matter too much to me. 

> Perhaps the script would benefit from a less restrictive blacklist,
> permitting images, but blocking archives and other cruft?
>
> The blacklist suggestion illustrates a shortcoming in the library
> itself, as there is no easy way of removing an extension category or
> extension from the default blacklist. So a custom blacklist would
> have to be loaded using the addBlacklist method in the options class.
How hard would it be to add a whitelist feature that can override the blacklist?

Ron
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/