PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

o [NSE] Applied patch that corrects an issue where the http-method-tamper

Browse Source 
script would fail to properly detect JBoss servers vulnerable to the
  CVE-2010-0738 vulnerability. [Hani Benhabiles]
This commit is contained in:
patrik
2011-12-08 19:04:42 +00:00
parent 682a9a746b
commit 25a54f58cb
3 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/http-method-tamper.nse
View File

@@ -29,7 +29,7 @@ author = "Hani Benhabiles <kroosec@gmail.com>"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"safe", "auth"}
categories = {"safe", "auth", "vuln"}
require 'shortport'
require 'http'
@@ -55,7 +55,10 @@ action = function(host, port)
-- Checks if HTTP authentication or a redirection to a login page is applied.
if getstatus == 401 or getstatus == 302 then
local headstatus = http.head(host, port, path).status
if headstatus == 200 then
if headstatus == 500 and path == "/jmx-console/" then
-- JBoss authentication bypass.
table.insert(result, ("%s: Vulnerable to CVE-2010-0738."):format(path))
elseif headstatus == 200 then
-- Vulnerable to authentication bypass.
table.insert(result, ("%s: Authentication bypass possible"):format(path))
end