Nmap Development mailing list archives
Re: NSE script: HTTP Internal IP Address Disclosure
From: Josh Amishav-Zlatin <jamuse () gmail com>
Date: Wed, 1 Jun 2016 18:38:14 +0300
On Tue, May 31, 2016 at 4:44 AM, Patrick Donnelly <batrick () batbytes com> wrote:
Hi Josh, On Mon, May 30, 2016 at 6:12 AM, Josh Amishav-Zlatin <jamuse () gmail com> wrote:I attached an NSE script that checks if the remote web server disclosesitsinternal IP address when sending an HTTP/1.0 request without a Hostheader.While this is a common issue for certain unpatched versions of IIS, other misconfigured web servers can be vulnerable a well.Interesting script idea! Few comments:
Hi Patrick, Thanks for the feedback! I made the changes you suggested and attached the updated version. Note, I kept the 'redirectIP' and 'privateIP' variables globally scoped in the generateHttpV1_0Req function, let me know if you see a way to narrow their scope. - Josh
Attachment:
http-internal-ip-disclosure.nse
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSE script: HTTP Internal IP Address Disclosure Josh Amishav-Zlatin (May 30)
- Re: NSE script: HTTP Internal IP Address Disclosure Patrick Donnelly (May 30)
- Re: NSE script: HTTP Internal IP Address Disclosure Josh Amishav-Zlatin (Jun 01)
- Re: NSE script: HTTP Internal IP Address Disclosure Patrick Donnelly (Jun 07)
- Re: NSE script: HTTP Internal IP Address Disclosure Patrick Donnelly (Jun 08)
- Re: NSE script: HTTP Internal IP Address Disclosure Josh Amishav-Zlatin (Jun 09)
- Re: NSE script: HTTP Internal IP Address Disclosure Patrick Donnelly (Jun 09)
- Re: NSE script: HTTP Internal IP Address Disclosure Josh Amishav-Zlatin (Jun 01)
- Re: NSE script: HTTP Internal IP Address Disclosure Patrick Donnelly (May 30)