PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-16 04:39:03 +00:00
Code Issues Projects Releases Wiki Activity

Return NOT_VULN report instead of 'false' in http-frontpage-login

Browse Source
This commit is contained in:
dmiller
2016-06-26 04:15:17 +00:00
parent c6be42d88b
commit 26fb5d6f99
1 changed files with 2 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scripts/http-frontpage-login.nse
View File

@@ -53,11 +53,10 @@ Default installations of older versions of frontpage extensions allow anonymous
references = {
'http://insecure.org/sploits/Microsoft.frontpage.insecurities.html',
},
exploit_results = {},
state = vulns.STATE.NOT_VULN,
};
local report = vulns.Report:new(SCRIPT_NAME, host, port);
frontpage_vuln.state = vulns.STATE.NOT_VULN;
data = http.get( host, port, path .. "/_vti_inf.html" )
@@ -72,17 +71,14 @@ Default installations of older versions of frontpage extensions allow anonymous
if data.status == 200 then
stdnse.debug1("Frontpage returned 200 OK, server vulnerable.")
frontpage_vuln.state = vulns.STATE.VULN;
return report:make_output(frontpage_vuln);
elseif data.status == 401 then
stdnse.debug1("Frontpage returned 401, password protected.")
return false
else
stdnse.debug1("Frontpage returned unknown response.")
return false
end
end
end
end
stdnse.debug1("Frontpage probably not installed.")
return false
return report:make_output(frontpage_vuln);
end