Nmap Development mailing list archives

Re: [NSE] http-filedownload-exploiter draft


From: George Chatzisofroniou <sophron () latthi com>
Date: Wed, 12 Mar 2014 16:07:27 +0200

On Mon, Mar 10, 2014 at 05:03:38AM -0300, Israel Leiva wrote: 
> Yes, I've checked http-passwd but I'm not quite sure it fits the purpose of
> this script. Yes, the script actually checks for the passwd file, but
> _only_ as a last resource, because the webpage may be misconfigured but the
> server not necessarily, in that case it won't allow such requests (for
> passwd).

Then you should probably extend the http-passwd script and make it execute all
requests rather than ending on the first successful response. And then you can
add your own payloads / methods as well.
 
> > You should override the default withinhost method and do your checks there.
> 
> What do you mean by this?

The withinhost option can be overridden by a callback (check the NSEDoc of
httpspider). You want to do something like:

crawler.options.withinhost = function(url)
    -- keep the stock same-host check, then add the script's own filters;
    -- tostring() so this works whether the crawler passes a URL object or a plain string
    if crawler:iswithinhost(url)
    and tostring(url):match(".*%.php%?.*%.pdf.*")
    -- (and the rest of your checks...)
    then
        return true
    end
    return false
end

-- 
George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
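As an added example (not code from this thread, and not one of Nmap's own scripts), the withinhost callback George describes, placed in a complete NSE script so the crawl loop around it is visible too. The callback keeps the stock same-host check and additionally refuses static assets, but it still returns true for ordinary pages on the host: if it only accepted URLs matching the download pattern, the spider would never fetch the pages that link to the handler. Matching against the thread's pattern is then done on the URLs the crawler actually fetched. The script name, author line, the static-asset extension list and the output format are assumptions made for the example; the URL pattern is the one quoted above.

```lua
-- Added example, not from the thread or from Nmap's script collection.
-- Crawls a web server with httpspider, using a custom withinhost callback,
-- and lists every fetched URL that looks like a PHP download handler
-- pointing at a .pdf file (e.g. /download.php?file=report.pdf).
local httpspider = require "httpspider"
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Spiders a web server and lists URLs that hand out .pdf files through a
PHP download handler, e.g. /download.php?file=report.pdf. It only reports
candidates; it does not send any payload.
]]

author = "example author (assumed for this example)"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"discovery", "safe"}

portrule = shortport.http

-- Lua pattern from the thread: "<something>.php?<query containing>.pdf"
local DOWNLOAD_PATTERN = ".*%.php%?.*%.pdf.*"

-- Extensions the spider should never fetch (assumed list for the example).
local SKIP_EXT = {
  css = true, js = true, png = true, jpg = true, jpeg = true,
  gif = true, ico = true, svg = true, woff = true, zip = true,
}

-- True if the URL's path (query string and fragment stripped) ends in one
-- of the skipped extensions. tostring() is used so the check works whether
-- httpspider hands us a URL object or a plain string.
local function is_static_asset(url)
  local path = tostring(url):match("^[^%?#]*") or ""
  local ext = path:match("%.(%a+)$")
  return ext ~= nil and SKIP_EXT[ext:lower()] == true
end

action = function(host, port)
  local crawler = httpspider.Crawler:new(host, port, "/", {
    scriptname = SCRIPT_NAME,
  })
  crawler:set_timeout(10000)

  -- Replace the default host check with our own callback. Ordinary
  -- same-host pages must still be accepted, otherwise the spider cannot
  -- reach the pages that link to the download handler.
  crawler.options.withinhost = function(url)
    if not crawler:iswithinhost(url) then
      return false
    end
    if is_static_asset(url) then
      return false
    end
    return true
  end

  local seen, results = {}, {}
  while true do
    local status, r = crawler:crawl()
    -- crawl() stops for many benign reasons (page limit reached, queue
    -- empty); only a hard error aborts the script.
    if not status then
      if r.err then
        return stdnse.format_output(false, r.reason)
      end
      break
    end
    local u = tostring(r.url)
    if u:match(DOWNLOAD_PATTERN) and not seen[u] then
      seen[u] = true
      results[#results + 1] = u
    end
  end

  if #results == 0 then
    return nil
  end
  return stdnse.format_output(true, results)
end
```

Run it like any other NSE script once it is saved under Nmap's scripts directory (e.g. `nmap -p80 --script <name> <target>`); the `httpspider.maxpagecount` and `httpspider.url` script arguments documented in the httpspider NSEDoc apply, since the crawler is created with the stock options table.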
