Added a script-arg to http-enum.nse allowing the user to give a custom fingerprint file. Also changed the script to try nmap.fetchfile(filename) directly first, and then nmap.fetchfile('nselib/data/' .. filename), to find the fingerprints file, which lets a user give his fingerprints file in the current folder.
It might be better to give priority the other way, though, I'm not really sure.
@@ -36,6 +36,8 @@ for 404 Not Found and the status code returned by the random files).
|
|||||||
-- hidden folders, it also generates far more false positives.
|
-- hidden folders, it also generates far more false positives.
|
||||||
--@args limit Limit the number of folders to check. This option is useful if using a list from, for example,
|
--@args limit Limit the number of folders to check. This option is useful if using a list from, for example,
|
||||||
-- the DirBuster projects which can have 80,000+ entries.
|
-- the DirBuster projects which can have 80,000+ entries.
|
||||||
|
--@args fingerprints Specify a different file to read fingerprints from. This will be read instead of the default
|
||||||
|
-- files.
|
||||||
|
|
||||||
author = "Ron Bowes <ron@skullsecurity.net>, Andrew Orr <andrew@andreworr.ca>, Rob Nicholls <robert@everythingeverything.co.uk>"
|
author = "Ron Bowes <ron@skullsecurity.net>, Andrew Orr <andrew@andreworr.ca>, Rob Nicholls <robert@everythingeverything.co.uk>"
|
||||||
|
|
||||||
@@ -48,10 +50,13 @@ require 'http'
|
|||||||
require 'stdnse'
|
require 'stdnse'
|
||||||
|
|
||||||
-- The directory where the fingerprint files are stored
|
-- The directory where the fingerprint files are stored
|
||||||
local FILENAME_BASE = "nselib/data/"
|
|
||||||
|
|
||||||
-- List of fingerprint files
|
-- List of fingerprint files
|
||||||
local fingerprint_files = { "http-fingerprints", "yokoso-fingerprints" }
|
local fingerprint_files = { "http-fingerprints", "yokoso-fingerprints" }
|
||||||
|
if(nmap.registry.args.fingerprints ~= nil) then
|
||||||
|
fingerprint_files = { nmap.registry.args.fingerprints }
|
||||||
|
end
|
||||||
|
|
||||||
--local fingerprint_files = { "test-fingerprints" }
|
--local fingerprint_files = { "test-fingerprints" }
|
||||||
|
|
||||||
portrule = function(host, port)
|
portrule = function(host, port)
|
||||||
@@ -88,10 +93,18 @@ local function get_fingerprints()
|
|||||||
end
|
end
|
||||||
|
|
||||||
for i = 1, #fingerprint_files, 1 do
|
for i = 1, #fingerprint_files, 1 do
|
||||||
local filename = FILENAME_BASE .. fingerprint_files[i]
|
|
||||||
local filename_full = nmap.fetchfile(filename)
|
|
||||||
local count = 0
|
local count = 0
|
||||||
|
|
||||||
|
-- Try using the root path, if possible
|
||||||
|
local filename = fingerprint_files[i]
|
||||||
|
local filename_full = nmap.fetchfile(filename)
|
||||||
|
|
||||||
|
if(filename_full == nil) then
|
||||||
|
-- If the root path fails, try looking in the nselib/data directory
|
||||||
|
filename = "nselib/data/" .. fingerprint_files[i]
|
||||||
|
filename_full = nmap.fetchfile(filename)
|
||||||
|
end
|
||||||
|
|
||||||
if(filename_full == nil) then
|
if(filename_full == nil) then
|
||||||
stdnse.print_debug(1, "http-enum: Couldn't find fingerprints file: %s", filename)
|
stdnse.print_debug(1, "http-enum: Couldn't find fingerprints file: %s", filename)
|
||||||
else
|
else
|
||||||
|
|||||||
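Review bot: The bare-name lookup in the last hunk (`local filename = fingerprint_files[i]` then `nmap.fetchfile(filename)`) runs for the two default entries as well as for a user-supplied `fingerprints` value, so a file named `http-fingerprints` or `yokoso-fingerprints` in any location that lookup searches would be read in place of the copy under `nselib/data/`, with nothing in the visible lines reporting which one was chosen. Limiting the first attempt to the case where the argument was given keeps the shipped files authoritative, e.g. `local filename_full = nil` followed by `if(nmap.registry.args.fingerprints ~= nil) then filename_full = nmap.fetchfile(filename) end`. If the `else` branch does not already do so, a `stdnse.print_debug` line printing the resolved `filename_full` would let an operator confirm which file was actually loaded. The second hunk removes `FILENAME_BASE` but leaves its comment `-- The directory where the fingerprint files are stored` behind, and the literal `"nselib/data/"` is now repeated inline; the body of `get_fingerprints` starts and ends outside the hunk.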