mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00

Avoid a crash by making sure response *has* a location header

dmiller
2019-08-02 04:21:38 +00:00
parent 5ad05bdbab
commit 13d70d9ac7


@@ -58,18 +58,20 @@ action = function (host, port)
if string.match(result, "^HTTP/1.[01] 3%d%d") then if string.match(result, "^HTTP/1.[01] 3%d%d") then
local location = string.match(result, "\n[Ll][Oo][Cc][Aa][Tt][Ii][Oo][Nn]:[ \t]*(.-)\r?\n") local location = string.match(result, "\n[Ll][Oo][Cc][Aa][Tt][Ii][Oo][Nn]:[ \t]*(.-)\r?\n")
local parsed = url.parse(location) if location then
-- Check for a redirect to the same port, but with HTTPS scheme. local parsed = url.parse(location)
if parsed.scheme == 'https' and tonumber(parsed.port or 443) == port.number and ( -- Check for a redirect to the same port, but with HTTPS scheme.
-- ensure it's not some other machine if parsed.scheme == 'https' and tonumber(parsed.port or 443) == port.number and (
parsed.ascii_host == host.ip or -- ensure it's not some other machine
parsed.ascii_host == host.targetname or parsed.ascii_host == host.ip or
parsed.ascii_host == host.name or parsed.ascii_host == host.targetname or
parsed.host == "" or parsed.host == nil parsed.ascii_host == host.name or
) then parsed.host == "" or parsed.host == nil
port.version.service_tunnel = "ssl" ) then
nmap.set_port_version(host, port, "softmatched") port.version.service_tunnel = "ssl"
return nil nmap.set_port_version(host, port, "softmatched")
return nil
end
end end
end end
end end
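Review bot: An empty Location value still gets past the new `if location then` guard, because the capture `(.-)` can match the empty string and `""` is truthy in Lua. If `url.parse` can return nil for such input (its implementation is not visible here), `parsed.scheme` would raise the same kind of error this commit is avoiding; since the header comes from the scanned server, I would write the guard as `if location and location ~= "" then` or test `parsed and parsed.scheme == 'https'`. A short comment such as `-- Location is server-controlled; it may be missing or empty` above the guard would record why it is there. The enclosing `action` function starts and ends outside this hunk.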