PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-08 21:51:28 +00:00
Code Issues Projects Releases Wiki Activity

Minor updates to comments. For example, wanted to clarify that the Nikto http-enum integration was done with cooperation/encouragement from Nikto folks

Browse Source
This commit is contained in:
fyodor
2013-12-27 03:45:53 +00:00
parent 5d0eb7aaec
commit 8418f18274
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nselib/data/http-fingerprints.lua
View File

@@ -22,7 +22,7 @@ local table = require "table"
-- * It doesn't support sending additional headers for a probe. -- * It doesn't support sending additional headers for a probe.
-- That means, if a nikto fingerprint needs one of the above features, it -- That means, if a nikto fingerprint needs one of the above features, it
-- won't be loaded. At the time of writing this, 6546 out of the 6573 Nikto -- won't be loaded. At the time of writing this, 6546 out of the 6573 Nikto
-- fingerprints are being loaded successfully. -- fingerprints are being loaded successfully. This runtime Nikto fingerprint integration was suggested by Nikto co-author Chris Sullo as described at http://seclists.org/nmap-dev/2013/q4/292
-- --
-- Although this format was originally modeled after the Nikto format, that ended -- Although this format was originally modeled after the Nikto format, that ended
-- up being too restrictive. The current format is a simple Lua table. There are many -- up being too restrictive. The current format is a simple Lua table. There are many

6
scripts/http-enum.nse
View File

@@ -9,13 +9,13 @@ local table = require "table"
description = [[ description = [[
Enumerates directories used by popular web applications and servers. Enumerates directories used by popular web applications and servers.
This parses a fingerprint file that's formatted in a way that's compatible with the Nikto Web application This parses a fingerprint file that's similar in format to the Nikto Web application
scanner. This script, however, takes it one step further by building in advanced pattern matching as well scanner. This script, however, takes it one step further by building in advanced pattern matching as well
as having the ability to identify specific versions of Web applications. as having the ability to identify specific versions of Web applications.
You can, however, parse the nikto database using http-fingerprints.nikto-db-path. This will try to parse You can also parse a Nikto-formatted database using http-fingerprints.nikto-db-path. This will try to parse
most of the fingerprints defined in nikto's database in real time. More documentation about this in the most of the fingerprints defined in nikto's database in real time. More documentation about this in the
nselib/data/http-fingerprints file. nselib/data/http-fingerprints.lua file.
Currently, the database can be found under Nmap's directory in the nselib/data folder. The file is called Currently, the database can be found under Nmap's directory in the nselib/data folder. The file is called
http-fingerprints and has a long description of its functionality in the file header. http-fingerprints and has a long description of its functionality in the file header.