Nmap Development mailing list archives

Patches for http.lua and adding support in httpspider.lua


From: Vinamra Bhatia <vinamrabhatia8 () gmail com>
Date: Tue, 20 Jun 2017 08:44:36 +0530

Hello All,
I was trying to add cookie support in httpspider.lua as I wanted to check
my XSS script. However, I wasn't able to receive cookies on making minor
modifications to the library. I was trying to use DVWA for the purpose,
which was running on a VM on my machine.

After quite a few hours of debugging, I found this.
When the spider library goes to {ip}/dvwa/, it gets a cookie in return and
in the Location header, we have login.php.
Instead of going to /dvwa/login.php, it rather goes to login.php. Since
login.php doesn't exist in the VM, it returns a 404 error code.
I realized that the url_parse function in the library isn't taking relative
URLs into account perfectly. Thus, I am submitting a patch which I feel
will solve the problem.

Now, I also noticed that in the HTTP library get function, if a link redirects,
it fails to take the cookie generated by the previous link. Hence, we need
to append the cookies accordingly.
I have taken care of the following 3 scenarios:
1. If the response received from the redirect doesn't have any cookie, it
becomes equal to the previous cookie.
2. If the response received generates a cookie and the name of the cookie is
different from the previous cookie, it simply appends it to the
option.cookies table.
3. If the response received generates a cookie and the name of the cookie is
the same as the previous redirect cookie, it updates the value in that
particular cookie name.

I would love to receive feedback on this and would request you all to
please test the patches.
I am also attaching the modifications I made in the httpspider library to add
cookie support.

Pull Requests for the same patches:
https://github.com/nmap/nmap/pull/912
https://github.com/nmap/nmap/pull/913

Cheers
Vinamra

Attachment: httpspiderlib.patch
Attachment: httplib.patch
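As an added illustration of the two behaviours described in the message above, and not the attached patches or Nmap's own http.lua, the stand-alone Lua below resolves a path-relative Location header against the URL that produced it and carries Set-Cookie values across redirect hops under the three scenarios listed (no cookie keeps the previous jar, a new name is appended, a repeated name is updated in place). The function names, the 10.0.0.5 host and the response table standing in for the DVWA VM are constructed for this example.

```lua
-- Resolve a Location header against the URL that produced it: absolute URLs
-- pass through, "/x" is host-relative, "x" replaces the last path segment.
local function resolve_location(base, location)
  if location:match("^%a[%w+.-]*://") then return location end
  local origin, path = base:match("^(%a[%w+.-]*://[^/]+)(.*)$")
  if not origin then return nil end
  if location:sub(1, 1) == "/" then return origin .. location end
  return origin .. (path:match("^(.*/)") or "/") .. location
end

-- Three cases from the message: no Set-Cookie keeps the previous jar, a new
-- name is appended, an existing name has its value replaced in place.
local function merge_cookies(jar, set_cookie_headers)
  local merged = {}
  for i, c in ipairs(jar) do merged[i] = { name = c.name, value = c.value } end
  for _, h in ipairs(set_cookie_headers or {}) do
    local name, value = h:match("^%s*([^=;%s]+)=([^;]*)")
    if name then
      local hit
      for _, m in ipairs(merged) do
        if m.name == name then m.value = value; hit = true; break end
      end
      if not hit then merged[#merged + 1] = { name = name, value = value } end
    end
  end
  return merged
end
-- Constructed stand-in for the DVWA VM in the message (no network needed):
-- /dvwa/ sets cookies and redirects to a path-relative login.php.
local responses = {
  ["http://10.0.0.5/dvwa/"] = { status = 302, location = "login.php",
    set_cookie = { "PHPSESSID=abc123; path=/", "security=low; path=/" } },
  ["http://10.0.0.5/dvwa/login.php"] = { status = 302,
    location = "/dvwa/index.php", set_cookie = { "security=impossible" } },
  ["http://10.0.0.5/dvwa/index.php"] = { status = 200 },
}

-- Follow redirects carrying the jar across hops, bounded to avoid loops.
local function follow(url, jar, max_hops)
  for _ = 1, max_hops do
    local r = responses[url] or { status = 404 }
    jar = merge_cookies(jar, r.set_cookie)
    if not r.location then return url, jar, r.status end
    url = resolve_location(url, r.location)
  end
  return url, jar, nil  -- too many hops
end
local final, jar, status = follow("http://10.0.0.5/dvwa/", {}, 5)
print(status, final)
for _, c in ipairs(jar) do print("  " .. c.name .. "=" .. c.value) end
```

With the relative Location resolved to /dvwa/login.php the chain ends at index.php with status 200, and the jar holds PHPSESSID from the first hop and the updated security value from the second.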

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
