Nmap Development mailing list archives

Re: SSTP information script


From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 15 Jan 2014 09:50:10 -0600

On 01/14/2014 06:09 PM, Niklaus Schiess wrote:
> Hi,
>
> this is a slightly modified version of a script I submitted a while ago.
> It checks if the Secure Socket Tunneling Protocol
> (http://msdn.microsoft.com/en-us/library/cc247338.aspx) is supported for
> a given host. Further information as well as SSTP enabled testing hosts
> are included in the script description.
>
> Let me know if there are any issues with the script.
>
> Regards,
> Niklaus Schiess

Niklaus,

Thanks for resubmitting this. Sorry your previous submission fell through the cracks! When we spoke about this script over IRC, we discussed switching to using the http.generic_request function instead of lower-level socket functions. Did you try that? Was there a reason why you didn't choose that method?

A couple other things that might need cleanup:

1. The portrule is probably too specific at this point. Assuming that you want to check for this on every HTTPS service regardless of port, you probably want something like:

portrule = function(host, port)
  return shortport.http(host, port) and shortport.ssl(host, port)
end

This may be a common enough problem that we should have a special shortport.https function, but I'm not sure.

2. For output keys, we prefer lowercase identifiers (e.g. output.status instead of output.STATUS)

3. We already have a script that grabs the HTTP Date header, and service version detection (-sV) will use the Server header if available. The output of this script could be simply a string, "SSTP is supported." Is there any other useful information in the response to an SSTP probe that is different from what is available in the HTTP probe?

Looking forward to integrating this script.

Dan
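
Added example, not part of the thread and not the submitted script or code from either author: an NSE script that applies points 1 and 3 of the reply above. The probe's method, path and Content-Length value come from the MS-SSTP specification linked in the quoted message; sending it with comm.opencon over TLS, the 5-second timeout and the chosen categories are assumptions of this example.

```lua
local comm = require "comm"
local shortport = require "shortport"

description = [[
Reports whether an HTTPS service answers a Secure Socket Tunneling
Protocol (SSTP) handshake request.
]]

categories = {"discovery", "safe"}  -- assumed categories

-- Point 1: match any HTTP service wrapped in SSL/TLS, whatever the port.
portrule = function(host, port)
  return shortport.http(host, port) and shortport.ssl(host, port)
end

-- Handshake request as defined by MS-SSTP: custom method, fixed URI and
-- Content-Length set to ULONGLONG_MAX. %s is filled with the Host value.
local PROBE = "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1\r\n"
  .. "Host: %s\r\n"
  .. "Content-Length: 18446744073709551615\r\n\r\n"

action = function(host, port)
  local name = host.targetname or host.ip
  -- Open a TLS connection, send the probe and read the first response data.
  local socket, response = comm.opencon(host, port, PROBE:format(name),
    { proto = "ssl", timeout = 5000 })
  if not socket then
    return nil  -- connect or TLS handshake failed: print nothing
  end
  socket:close()

  -- Point 3: Date and Server headers are left to the existing HTTP script
  -- and to -sV, so the result is a single plain string.
  if type(response) == "string" and response:match("^HTTP/1%.1 200") then
    return "SSTP is supported."
  end
  return nil  -- any other status: the service did not accept the handshake
end
```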