PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-15 04:09:01 +00:00
Code Issues Projects Releases Wiki Activity

o Added a new NSE Comm library for common network discovery tasks such

Browse Source 
as banner-grabbing (get_banner()) and making a quick exchange of data
  (exchange()).  16 scripts were updated to use this library. [Kris]

I have *not* been able to test all of these scripts; however, I have
reviewed them and they should all work properly.  I would really like
some more testing, though :)

This commit includes scripting.xml documentation.
This commit is contained in:
kris
2008-06-12 14:32:25 +00:00
parent cede9ab542
commit 2f9321360f
19 changed files with 297 additions and 268 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
scripts/HTTP_open_proxy.nse
View File

@@ -8,6 +8,7 @@
id="Open Proxy Test"
description="Test if a discovered proxy is open to us by connecting to www.google.com and checking for the 'Server: GWS/' header response."
categories = {"default", "intrusive"}
require "comm"
-- I found a nice explode() function in lua-users' wiki. I had to fix it, though.
-- http://lua-users.org/wiki/LuaRecipes
@@ -39,29 +40,22 @@ portrule = function(host, port)
end
action = function(host, port)
local socket = nmap.new_socket()
local result
local status = true
local response
local i
-- We will return this if we don't find "^Server: GWS" in response headers
local retval
socket:set_timeout(10000);
socket:connect(host.ip, port.number, port.protocol)
-- Ask proxy to open www.google.com
socket:send("GET http://www.google.com HTTP/1.0\r\nHost: www.google.com\r\n\r\n")
-- read the response, if any
status, result = socket:receive_lines(1)
local req = "GET http://www.google.com HTTP/1.0\r\nHost: www.google.com\r\n\r\n"
local status, result = comm.exchange(host, port, req, {proto=port.protocol, timeout=10000})
-- Explode result into the response table
if (status == false) or (result == "TIMEOUT") then
else
response = explode("\n",result)
if not status then
return
end
-- Explode result into the response table
response = explode("\n",result)
-- Now, search for Server: GWS until headers (or table) end.
i = 0
while true do
@@ -74,7 +68,5 @@ action = function(host, port)
end
end
-- close the socket and exit, returning the retval string.
socket:close()
return retval
end