PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-31 03:49:01 +00:00
Code Issues Projects Releases Wiki Activity

NSE: http-backup-finder.nse Address 3 sources of false positives. Closes #242

Browse Source
This commit is contained in:
tomsellers
2015-12-13 20:18:17 +00:00
parent adc8e7be1c
commit 25c891d570
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
scripts/http-backup-finder.nse
View File

@@ -94,6 +94,9 @@ action = function(host, port)
return nil
end
-- Check if we can use HEAD requests
local use_head = http.can_use_head(host, port, result_404)
local backups = {}
while(true) do
local status, r = crawler:crawl()
@@ -132,9 +135,14 @@ action = function(host, port)
-- replacement instead.
local escaped_link = link:gsub(" ", "%%20")
-- attempt a HEAD-request against each of the backup files
local response = http.head(host, port, escaped_link)
if http.page_exists(response, result_404, known_404, escaped_link, true) then
local response
if(use_head) then
response = http.head(host, port, escaped_link, {redirect_ok=false})
else
response = http.get(host, port, escaped_link, {redirect_ok=false})
end
if http.page_exists(response, result_404, known_404, escaped_link, false) then
if ( not(parsed.port) ) then
table.insert(backups,
("%s://%s%s"):format(parsed.scheme, host, link))