PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00
Code Issues Projects Releases Wiki Activity

Note limitations of http-open-redirect.nse

Browse Source
This commit is contained in:
dmiller
2017-02-03 01:38:32 +00:00
parent 1790c9476c
commit 1c4dc13f27
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/http-open-redirect.nse
View File

@@ -8,7 +8,12 @@ local url = require "url"
description = [[ description = [[
Spiders a website and attempts to identify open redirects. Open Spiders a website and attempts to identify open redirects. Open
redirects are handlers which commonly take a URL as a parameter and redirects are handlers which commonly take a URL as a parameter and
responds with a http redirect (3XX) to the target. Risks of open redirects are described at http://cwe.mitre.org/data/definitions/601.html. responds with a HTTP redirect (3XX) to the target. Risks of open redirects are
described at http://cwe.mitre.org/data/definitions/601.html.
Only open redirects that are directly linked on the target website can be
discovered this way. If an open redirector is not linked, it will not be
discovered.
]] ]]
--- ---