From 3ea1cdf460db251f1ec09b62648e0f8720557de4 Mon Sep 17 00:00:00 2001
From: nnposter <nnposter@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 30 Aug 2016 16:12:30 +0000
Subject: [PATCH] Reduces false-positives by treating 404 as a failed
 authentication

---
 nselib/data/http-default-accounts-fingerprints.lua | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/nselib/data/http-default-accounts-fingerprints.lua b/nselib/data/http-default-accounts-fingerprints.lua
index 9376043bb..718bb67ad 100644
--- a/nselib/data/http-default-accounts-fingerprints.lua
+++ b/nselib/data/http-default-accounts-fingerprints.lua
@@ -37,10 +37,10 @@ local have_openssl, openssl = pcall(require, 'openssl')
 local function try_http_basic_login(host, port, path, user, pass, digest_auth)
   local credentials = {username = user, password = pass, digest = digest_auth}
   local req = http.get(host, port, path, {no_cache=true, auth=credentials, redirect_ok = false})
-  if req.status and req.status ~= 401 and req.status ~= 403 then
-    return true
-  end
-  return false
+  return req.status
+         and req.status ~= 401
+         and req.status ~= 403
+         and req.status ~= 404
 end
 
 ---