From 1db56214702f43bd33fd8a367d28b9eb5be1ebf2 Mon Sep 17 00:00:00 2001
From: tomsellers <tomsellers@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Wed, 4 Jul 2012 02:30:18 +0000
Subject: [PATCH] Patch to address false positive generated when the target's
 httpd responds with a HTTP 200 for every request. Committing after email
 exchange with Paulino C.

---
 scripts/http-huawei-hg5xx-vuln.nse | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/scripts/http-huawei-hg5xx-vuln.nse b/scripts/http-huawei-hg5xx-vuln.nse
index 162b3b587..ead0683fc 100644
--- a/scripts/http-huawei-hg5xx-vuln.nse
+++ b/scripts/http-huawei-hg5xx-vuln.nse
@@ -78,6 +78,13 @@ including PPPoE credentials, firmware version, model, gateway, dns servers and a
            disclosure = {year = '2011', month = '01', day = '1'},
        },
      }
+     
+  -- Identify servers that answer 200 to invalid HTTP requests and exit as these would invalidate the tests
+  local _, http_status, _ = http.identify_404( host.ip,port)
+  if ( http_status == 200 ) then
+    return false
+  end
+  
   local vuln_report = vulns.Report:new(SCRIPT_NAME, host, port)
   local open_session = http.get(host.ip, port, "/Listadeparametros.html")
   if open_session and open_session.status == 200 then