PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-16 04:39:03 +00:00
Code Issues Projects Releases Wiki Activity

Return NOT_VULN report instead of 'false' in http-frontpage-login

Browse Source
This commit is contained in:
dmiller
2016-06-26 04:15:17 +00:00
parent c6be42d88b
commit 26fb5d6f99
1 changed files with 2 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scripts/http-frontpage-login.nse
View File

@@ -53,11 +53,10 @@ Default installations of older versions of frontpage extensions allow anonymous
references = { references = {
'http://insecure.org/sploits/Microsoft.frontpage.insecurities.html', 'http://insecure.org/sploits/Microsoft.frontpage.insecurities.html',
}, },
exploit_results = {}, state = vulns.STATE.NOT_VULN,
}; };
local report = vulns.Report:new(SCRIPT_NAME, host, port); local report = vulns.Report:new(SCRIPT_NAME, host, port);
frontpage_vuln.state = vulns.STATE.NOT_VULN;
data = http.get( host, port, path .. "/_vti_inf.html" ) data = http.get( host, port, path .. "/_vti_inf.html" )
@@ -72,17 +71,14 @@ Default installations of older versions of frontpage extensions allow anonymous
if data.status == 200 then if data.status == 200 then
stdnse.debug1("Frontpage returned 200 OK, server vulnerable.") stdnse.debug1("Frontpage returned 200 OK, server vulnerable.")
frontpage_vuln.state = vulns.STATE.VULN; frontpage_vuln.state = vulns.STATE.VULN;
return report:make_output(frontpage_vuln);
elseif data.status == 401 then elseif data.status == 401 then
stdnse.debug1("Frontpage returned 401, password protected.") stdnse.debug1("Frontpage returned 401, password protected.")
return false
else else
stdnse.debug1("Frontpage returned unknown response.") stdnse.debug1("Frontpage returned unknown response.")
return false
end end
end end
end end
end end
stdnse.debug1("Frontpage probably not installed.") stdnse.debug1("Frontpage probably not installed.")
return false return report:make_output(frontpage_vuln);
end end