[NSE] http-form-fuzzer doesn't handle status code 414

[Daniel Miller <bonsaiviking () gmail com>]

List,

While testing http-form-fuzzer, I noticed this response come back from
my server:

> HTTP/1.1 414 Request-URI Too Large
> Date: Sat, 07 Jul 2012 22:02:26 GMT
> Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.17 with Suhosin-Patch mod_antiloris/0.4
> Vary: Accept-Encoding
> Content-Length: 394
> Connection: close
> Content-Type: text/html; charset=iso-8859-1
>
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>414 Request-URI Too Large</title>
> </head><body>
> <h1>Request-URI Too Large</h1>
> <p>The requested URL's length exceeds the capacity
> limit for this server.<br />
> </p>
> <hr>
> <address>Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.17 with Suhosin-Patch mod_antiloris/0.4 Server at hostname Port 
> 80</address>
> </body></html>

I think that http-form-fuzzer should probably check for 414 status
code (Request-URI Too Large) and adjust down accordingly, since it
seems obvious the server is handling large GET requests by rejecting
them. Perhaps other status codes should be examined for similar
situations? Just some thoughts without clear direction on how to
modify the code.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/