Nmap Development mailing list archives
Re: [NSE] Empty server header in http-server-header.nse
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 15 Jan 2015 10:02:18 -0600
nnposter,

Thanks for the report! I applied your patch in r33910, and followed it with an implementation of your suggestion to show "<empty>" when the header is empty (r33911).

Dan

On Thu, Jan 1, 2015 at 2:08 PM, <nnposter () users sourceforge net> wrote:
Script http-server-header.nse is not handling well situations where the Server header is returned but empty. Specifically, pattern...

"\n[Ss][Ee][Rr][Vv][Ee][Rr]:%s*(.-)\r?\n"

...used for parsing the header assumes that class %s does not include CR or LF. When the server header is returned empty then %s* will slurp the CR/LF sequence and the subsequent capture group will get populated with the next full header (as opposed to an empty string).

The patch below replaces the problematic class with LWS as defined in RFC 822. This will cause the script to return the empty string. One issue to note though is that the visual effect is an empty line in the formatted output:

443/tcp open ssl/https syn-ack ttl 128
| http-server-header:
| Server:
|_

It could be argued that we should decouple the formatted output from the structured result data and replace it with something more readable like "(not listed)" or "(empty)":

443/tcp open ssl/https syn-ack ttl 128
| http-server-header:
| Server:
|_ (empty)

Cheers,
nnposter

Patch against r33886 follows:

--- a/scripts/http-server-header.nse +++ b/scripts/http-server-header.nse @@ -101,7 +101,7 @@ if string.match(result, "^HTTP/1.[01] %d%d%d") then port.version.service = "http" - local http_server = string.match(result, "\n[Ss][Ee][Rr][Vv][Ee][Rr]:%s*(.-)\r?\n") + local http_server = string.match(result, "\n[Ss][Ee][Rr][Vv][Ee][Rr]:[ \t]*(.-)\r?\n") -- Avoid setting version info if -sV scan already got a match if port.version.product == nil and (port.version.name_confidence or 0) <= 3 then

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
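
Review bot: On the changed "local http_server = string.match(...)" line, the capture can now be the empty string, and "" is truthy in Lua, so if the branch in the trailing context lines ("if port.version.product == nil and ...") goes on to use http_server for version info, it should also test that http_server is not "" before doing so. A one-line comment above the pattern saying that %s is avoided because it matches CR and LF would keep the class from being widened again later. Note also that [ \t]* covers only space and tab, not the folded-line form of LWS in RFC 822, which is worth stating in that comment.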
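
The parsing behaviour discussed in this thread, as an added example that is not code from http-server-header.nse or from either poster: it runs the old and new patterns from the patch over constructed HTTP responses, including an empty Server header followed by another header and one that is the last header. The helper names server_header and display are hypothetical, and display only mimics the "<empty>" label mentioned in the reply, not the r33911 implementation.

```lua
-- Added example; the two patterns are copied from the patch in this thread.
local OLD = "\n[Ss][Ee][Rr][Vv][Ee][Rr]:%s*(.-)\r?\n"
local NEW = "\n[Ss][Ee][Rr][Vv][Ee][Rr]:[ \t]*(.-)\r?\n"

-- Hypothetical helper: returns nil when the response is not HTTP or has no
-- Server header, and "" when the header is present but empty.
local function server_header(response, pattern)
  if not string.match(response, "^HTTP/1%.[01] %d%d%d") then
    return nil
  end
  return string.match(response, pattern)
end

-- Hypothetical display helper. "" is truthy in Lua, so it must be compared
-- explicitly; a plain "if value then" would treat it like a real banner.
local function display(value)
  if value == nil then return "(no Server header)" end
  if value == "" then return "<empty>" end
  return value
end

-- Constructed sample responses (not captured from any real server).
local cases = {
  { "normal value",
    "HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Length: 0\r\n\r\n" },
  { "empty, header follows",
    "HTTP/1.1 200 OK\r\nServer:\r\nContent-Length: 0\r\n\r\n" },
  { "empty, trailing space",
    "HTTP/1.1 200 OK\r\nServer: \r\nContent-Length: 0\r\n\r\n" },
  { "empty, last header",
    "HTTP/1.1 200 OK\r\nContent-Length: 0\r\nServer:\r\n\r\n" },
  { "header absent",
    "HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n" },
}

for _, case in ipairs(cases) do
  local name, response = case[1], case[2]
  print(string.format("%-22s old=%-20s new=%s",
    name,
    display(server_header(response, OLD)),
    display(server_header(response, NEW))))
end
```

Comparing the old and new columns shows which responses make %s* run past the CR/LF and report a neighbouring header as the server banner, which matters because that value feeds service version output.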