Nmap Development mailing list archives
Gyani's status report #11 of 17
From: Gyanendra Mishra <anomaly.the () gmail com>
Date: Mon, 13 Jul 2015 23:44:05 +0530
Hi list, This week I continued my work on http.lua, http-fetch and osinfo.lua. Accomplishments * Added auto authentication to http.lua. If options.auto is set to true for the first request then auto auth is enabled for all following requests. You can selectively turn of auto auth for a particular request by setting options.auto to false. Note this(switching off auto auth for a particular request) can't be done for NTLM requests as for NTLM requests a NTLM socket is created. Also now auto auth is not default for any request. You need to set auto auth to true using options.auto for both pipelined and non pipelined requests. Users can over ride this by setting http.autoauth to true. Also added functions make_ntlm_socket this function returns an ntlm socket along with an ntlm blob, the socket is used with the make_ntlm_request. Optionally if a user gives an old socket as a parameter the script makes that socket an ntlm script and returns the ntlm auth blob for the same.[1] * http-fetch : The mirrorring in http-fetch is not dependent on lfs.lua any more. Also all the gmatch calls are replaced with fewer and more efficient gsub calls. The script is more robust than it was before. Will talk about this more in the next point. * Posted an RFC to the mailing list for the mirroring in http-fetch. The mail contains a detailed post about the current implementation of mirroring in http-fetch.[2] * Added uname parsing to osinfo.lua. You can now parse uname strings to get an os name, os cpe and a uname string split into specific parts by running the parse_uname() function of the osinfo library.[3] * The scripts/ version of http-fetch now supports a download everything option which is basically mirroring without modifying the downloaded files. Priorities * Add creds support to pipelined requests in http.lua. * Survey scripts and libraries that use the http library for possible use of the auto auth functionality and make necessary changes. * Survey scripts that may make use of the osinfo library and make necessary changes. * Currently uname parsing works for linux and darwin strings, add support for other Unix and Unix like systems.[4] Gyani [1]https://svn.nmap.org/nmap-exp/gyani/drafts/http.lua [2]http://seclists.org/nmap-dev/2015/q3/71 [3]https://svn.nmap.org/nmap-exp/gyani/nselib/osinfo.lua [4]https://en.wikipedia.org/wiki/Uname
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Gyani's status report #11 of 17 Gyanendra Mishra (Jul 13)