PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

Check for non-404 file nonexistence responses in http-config-backup

Browse Source
This commit is contained in:
dmiller
2016-07-22 15:52:30 +00:00
parent b019b4a369
commit 4fa478cea4
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
scripts/http-config-backup.nse
View File

@@ -196,6 +196,12 @@ action = function (host, port)
save = save .. "/"; save = save .. "/";
end end
local status_404, result_404, known_404 = http.identify_404(host, port)
if not status_404 then
stdnse.debug1("Can't distinguish 404 response. Quitting.")
return stdnse.format_output(false, "Can't determine file existence")
end
-- for each config file -- for each config file
for _, cfg in ipairs(CONFIGS) do for _, cfg in ipairs(CONFIGS) do
-- for each alteration of the filename -- for each alteration of the filename
@@ -203,10 +209,12 @@ action = function (host, port)
local url_path local url_path
url_path = url.build({path = path .. entry}); url_path = url.build({path = path .. entry});
-- http request -- http request
local response = http.get(host, port, url_path); local response = http.get(host, port, url_path);
if (response.status == 200) then -- if it's not 200, don't bother. If it is, check that it's not a false 404
if response.status == 200 and http.page_exists(response, result_404, known_404, url_path) then
-- check it if is valid before inserting -- check it if is valid before inserting
if cfg.check(response.body) then if cfg.check(response.body) then
local filename = stdnse.escape_filename((host.targetname or host.ip) .. url_path) local filename = stdnse.escape_filename((host.targetname or host.ip) .. url_path)