PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Fix a crash in http-xssed when scanning an IP addr or range

Browse Source 
http-xssed unconditionally used host.targetname, which is only set when
the target is specified as a name, not an IP address or range. Now we
prefer the targetname, but fall back to the reverse-dns name, and
finally to the IP address. Perhaps we should be more strict, if
xssed.com only allows domain names, for instance?
This commit is contained in:
dmiller
2014-02-20 21:37:05 +00:00
parent c497ef4679
commit 065aa78596
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/http-xssed.nse
View File

@@ -46,7 +46,7 @@ action = function(host, port)
local fixed, unfixed
local target = XSSED_SEARCH .. host.targetname
local target = XSSED_SEARCH .. (host.targetname or host.name or host.ip)
-- Only one instantiation of the script should ping xssed at once.
local mutex = nmap.mutex("http-xssed")