Use shortport.http where appropriate.

2025-12-06 04:31:29 +00:00 · 2010-08-09 22:30:50 +00:00
parent fbe60bdcc9
commit a9b75892f5
13 changed files with 17 additions and 81 deletions
--- a/scripts/http-auth.nse
+++ b/scripts/http-auth.nse
@@ -26,7 +26,7 @@ categories = {"default", "auth", "intrusive"}
 require "shortport"
 require "http"

-portrule = shortport.port_or_service({80, 443, 8080}, {"http","https"})
+portrule = shortport.http

 action = function(host, port)
  local www_authenticate
--- a/scripts/http-date.nse
+++ b/scripts/http-date.nse
@@ -21,8 +21,7 @@ require("http")
 require("shortport")
 require("stdnse")

-portrule = shortport.port_or_service({80, 443, 631, 8080},
-	{"http", "https", "ipp", "http-alt"})
+portrule =  shortport.http

 action = function(host, port)
 	-- Get the local date in UTC.
--- a/scripts/http-enum.nse
+++ b/scripts/http-enum.nse
@@ -57,6 +57,7 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 categories = {"discovery", "intrusive", "vuln"}

 require 'http'
+require 'shortport'
 require 'stdnse'

 -- List of fingerprint files
@@ -70,20 +71,7 @@ if(nmap and nmap.registry and nmap.registry.args and nmap.registry.args.fingerpr
 	end
 end

-portrule = function(host, port)
-	local svc = { std = { ["http"] = 1, ["http-alt"] = 1 },
-				ssl = { ["https"] = 1, ["https-alt"] = 1 } }
-	if port.protocol ~= 'tcp'
-	or not ( svc.std[port.service] or svc.ssl[port.service] ) then
-		return false
-	end
-	-- Don't bother running on SSL ports if we don't have SSL.
-	if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl')
-	and not nmap.have_ssl() then
-		return false
-	end
-	return true
-end
+portrule = shortport.http

 ---Convert the filename to backup variations. These can be valuable for a number of reasons. 
 -- First, because they may not have the same access restrictions as the main version (file.php 
--- a/scripts/http-favicon.nse
+++ b/scripts/http-favicon.nse
@@ -38,8 +38,7 @@ require "stdnse"
 require "datafiles"
 require "nsedebug"

-portrule = shortport.port_or_service({80, 443, 8080, 8443},
-	{"http", "https", "http-alt", "https-alt"})
+portrule = shortport.http

 action = function(host, port)
  local md5sum,answer
--- a/scripts/http-headers.nse
+++ b/scripts/http-headers.nse
@@ -31,20 +31,7 @@ categories = {"discovery", "safe"}
 require "shortport"
 require "http"

-portrule = function(host, port)
-	local svc = { std = { ["http"] = 1, ["http-alt"] = 1 },
-				ssl = { ["https"] = 1, ["https-alt"] = 1 } }
-	if port.protocol ~= 'tcp'
-	or not ( svc.std[port.service] or svc.ssl[port.service] ) then
-		return false
-	end
-	-- Don't bother running on SSL ports if we don't have SSL.
-	if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl')
-	and not nmap.have_ssl() then
-		return false
-	end
-	return true
-end
+portrule = shortport.http

 action = function(host, port)
 	local path = nmap.registry.args.path
--- a/scripts/http-iis-webdav-vuln.nse
+++ b/scripts/http-iis-webdav-vuln.nse
@@ -33,7 +33,7 @@ categories = {"vuln", "intrusive"}
 require "http"
 require "shortport"

-portrule = shortport.port_or_service({80, 443, 8080}, {"http", "https"})
+portrule = shortport.http

 ---Enumeration for results
 local enum_results = 
--- a/scripts/http-malware-host.nse
+++ b/scripts/http-malware-host.nse
@@ -27,24 +27,11 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

 categories = {"malware", "safe"}

-require 'stdnse'
 require 'http'
+require 'shortport'
 require 'stdnse'

-portrule = function(host, port)
-	local svc = { std = { ["http"] = 1, ["http-alt"] = 1, ["http-proxy"] = 1 },
-				ssl = { ["https"] = 1, ["https-alt"] = 1 } }
-	if port.protocol ~= 'tcp'
-	or not ( svc.std[port.service] or svc.ssl[port.service] ) then
-		return false
-	end
-	-- Don't bother running on SSL ports if we don't have SSL.
-	if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl')
-	and not nmap.have_ssl() then
-		return false
-	end
-	return true
-end
+portrule = shortport.http

 action = function(host, port)
 	-- Check what response we get for a 404
--- a/scripts/http-methods.nse
+++ b/scripts/http-methods.nse
@@ -48,6 +48,7 @@ categories = {"default", "safe"}

 require("http")
 require("nmap")
+require("shortport")
 require("stdnse")

 -- We don't report these methods except with verbosity.
@@ -57,18 +58,7 @@ local UNINTERESTING_METHODS = {

 local filter_out, merge_headers

-portrule = function(host, port)
-	if not (port.service == 'http' or port.service == 'https') 
-	then
-		return(false)
-	end
-	-- Don't bother running on SSL ports if we don't have SSL.
-	if ((port.service == 'https' or port.version.service_tunnel == 'ssl') and not nmap.have_ssl()) 
-	then
-		return(false)
-	end
-	return(true)
-end
+portrule = shortport.http

 action = function(host, port)
 	local url_path, retest_http_methods
--- a/scripts/http-passwd.nse
+++ b/scripts/http-passwd.nse
@@ -103,7 +103,7 @@ local output = function(passwd, dir)
 	return out
 end

-portrule = shortport.port_or_service({80, 443, 8080}, {"http", "https"})
+portrule = shortport.http

 action = function(host, port)
 	local dirs = {
--- a/scripts/http-php-version.nse
+++ b/scripts/http-php-version.nse
@@ -25,7 +25,7 @@ categories = {"discovery", "safe"}
 require "http"
 require "shortport"

-portrule = shortport.port_or_service({80, 443, 8080, 8443}, {"http", "https", "http-alt", "https-alt"})
+portrule = shortport.http

 -- These are the magic queries that return fingerprintable data.
 local LOGO_QUERY = "/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42"
--- a/scripts/http-trace.nse
+++ b/scripts/http-trace.nse
@@ -85,7 +85,7 @@ local validate = function(response, original)
 	return
 end

-portrule = shortport.port_or_service({80, 8080, 443}, {"http", "https"})
+portrule = shortport.http

 action = function(host, port)
 	local cmd = "TRACE / HTTP/1.0\r\n\r\n"
--- a/scripts/http-userdir-enum.nse
+++ b/scripts/http-userdir-enum.nse
@@ -29,27 +29,13 @@ CVE-2001-1013: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1013.
 -- |_ apache-userdir-enum: Potential Users: root (403), user (200), test (200)

 local http      = require 'http'
+local shortport = require 'shortport'
 local stdnse    = require 'stdnse'
 local datafiles = require 'datafiles'



---
-- The script will run against http[s] and http[s]-alt tcp ports.
-portrule = function(host, port)
-  local svc = { std = { ["http"] = 1, ["http-alt"] = 1 },
-                ssl = { ["https"] = 1, ["https-alt"] = 1 } }
-  if port.protocol ~= 'tcp' or not
-  ( svc.std[port.service] or svc.ssl[port.service] ) then
-    return false
-  end
-  -- Don't bother running on SSL ports if we don't have SSL.
-  if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl') and not
-  nmap.have_ssl() then
-    return false
-  end
-  return true
-end
+portrule = shortport.http



--- a/scripts/robots.txt.nse
+++ b/scripts/robots.txt.nse
@@ -25,7 +25,7 @@ author = "Eddie Bell"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 categories = {"default", "discovery", "safe"}

-portrule = shortport.port_or_service({80, 8080,443}, {"http","https"})
+portrule = shortport.http
 local last_len = 0

 -- split the output in 50 character length lines