Makes sure that the script fails if the HTTP request did. Closes #1046

2025-12-06 04:31:29 +00:00 · 2017-10-22 03:27:20 +00:00
parent b437d9784f
commit 8366c90893
2 changed files with 4 additions and 5 deletions
--- a/3
+++ b/3
@@ -1,5 +1,8 @@
 #s wa Nmap Changelog ($Id$); -*-text-*-

+o [NSE][GH#1046] Script http-headers now fails properly if the target does not
+  return a valid HTTP response. [spacewander]
+
 o [NSE] rsa-vuln-roca checks for RSA keys generated by Infineon TPMs vulnerable
  to Return Of Coppersmith Attack (ROCA) (CVE-2017-15361). Checks SSH and TLS
  services. [Daniel Miller]
--- a/scripts/http-headers.nse
+++ b/scripts/http-headers.nse
@@ -57,14 +57,10 @@ action = function(host, port)
    request_type = "GET"
  end

-  if(result == nil) then
+  if not (result and result.status) then
    return fail("Header request failed")
  end

-  if(result.rawheader == nil) then
-    return fail("Header request didn't return a proper header")
-  end
-
  table.insert(result.rawheader, "(Request type: " .. request_type .. ")")

  return stdnse.format_output(true, result.rawheader)