From 24c1b54c807cbad04785b23ac70c259621285bd5 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Wed, 19 Jun 2019 18:33:51 +0000
Subject: [PATCH] http-server-header: interfere less with -sV results,
 especially softmatches

---
 scripts/http-server-header.nse | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/scripts/http-server-header.nse b/scripts/http-server-header.nse
index 2527091db..9fe907c63 100644
--- a/scripts/http-server-header.nse
+++ b/scripts/http-server-header.nse
@@ -72,18 +72,20 @@ action = function(host, port)
   local headers = {}
   for _, result in ipairs(responses) do
     if string.match(result, "^HTTP/1.[01] %d%d%d") then
-      port.version.service = "http"
 
       local http_server = string.match(result, "\n[Ss][Ee][Rr][Vv][Ee][Rr]:[ \t]*(.-)\r?\n")
 
       -- Avoid setting version info if -sV scan already got a match
       if port.version.product == nil and (port.version.name_confidence or 0) <= 3 then
+        port.version.service = "http"
         port.version.product = http_server
+        -- Setting "softmatched" allows the service fingerprint to be printed
+        nmap.set_port_version(host, port, "softmatched")
+      elseif port.version.product == http_server then
+        -- If we already detected exactly this, no need to report it
+        http_server = nil
       end
 
-      -- Setting "softmatched" allows the service fingerprint to be printed
-      nmap.set_port_version(host, port, "softmatched")
-
       if http_server then
         headers[http_server] = true
       end