PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00
Code Issues Projects Releases Wiki Activity

http-form-fuzzer: Use functions from nselib instead of reinventing

Browse Source
This commit is contained in:
gio
2015-08-18 16:25:17 +00:00
parent 3ca8599de3
commit 0044e8bad1
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
scripts/http-form-fuzzer.nse
View File

@@ -53,6 +53,7 @@ categories = {"fuzzer", "intrusive"}
local shortport = require 'shortport'
local http = require 'http'
local httpspider = require 'httpspider'
local stdnse = require 'stdnse'
local string = require 'string'
local table = require 'table'
@@ -110,7 +111,7 @@ local charset_number = generate_charset(49,57) -- ascii 49 -> 1; 57 -> 9
local function fuzz_form(form, minlen, maxlen, host, port, path)
local affected_fields = {}
local postdata = generate_safe_postdata(form)
local action_absolute = string.find(form["action"], "https*://")
local action_absolute = httpspider.LinkExtractor.isAbsolute(form["action"])
-- determine the path where the form needs to be submitted
local form_submission_path
@@ -181,7 +182,7 @@ local function fuzz_form(form, minlen, maxlen, host, port, path)
return affected_fields
end
portrule = shortport.port_or_service( {80, 443}, {"http", "https"}, "tcp", "open")
portrule = shortport.http
function action(host, port)
local targets = stdnse.get_script_args('http-form-fuzzer.targets') or {{path="/"}}