PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

http-server-header: interfere less with -sV results, especially softmatches

Browse Source
This commit is contained in:
dmiller
2019-06-19 18:33:51 +00:00
parent 19c756aedf
commit 24c1b54c80
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scripts/http-server-header.nse
View File

@@ -72,17 +72,19 @@ action = function(host, port)
local headers = {} local headers = {}
for _, result in ipairs(responses) do for _, result in ipairs(responses) do
if string.match(result, "^HTTP/1.[01] %d%d%d") then if string.match(result, "^HTTP/1.[01] %d%d%d") then
port.version.service = "http"
local http_server = string.match(result, "\n[Ss][Ee][Rr][Vv][Ee][Rr]:[ \t]*(.-)\r?\n") local http_server = string.match(result, "\n[Ss][Ee][Rr][Vv][Ee][Rr]:[ \t]*(.-)\r?\n")
-- Avoid setting version info if -sV scan already got a match -- Avoid setting version info if -sV scan already got a match
if port.version.product == nil and (port.version.name_confidence or 0) <= 3 then if port.version.product == nil and (port.version.name_confidence or 0) <= 3 then
port.version.service = "http"
port.version.product = http_server port.version.product = http_server
end
-- Setting "softmatched" allows the service fingerprint to be printed -- Setting "softmatched" allows the service fingerprint to be printed
nmap.set_port_version(host, port, "softmatched") nmap.set_port_version(host, port, "softmatched")
elseif port.version.product == http_server then
-- If we already detected exactly this, no need to report it
http_server = nil
end
if http_server then if http_server then
headers[http_server] = true headers[http_server] = true