PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-10 09:49:05 +00:00
Code Issues Projects Releases Wiki Activity

Added pipeline support to http-enum.nse

Browse Source
This commit is contained in:
joao
2009-08-12 01:52:03 +00:00
parent ecaf3e90a9
commit bf4599385e
1 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
scripts/http-enum.nse
View File

@@ -46,6 +46,7 @@ action = function(host, port)
local check404body = ""
local checkHEAD = "200"
local result = ""
local all = {}
local safeURLcheck = {
{checkdir="/_vti_bin/", checkdesc="FrontPage directory"},
{checkdir="/_vti_cnf/", checkdesc="FrontPage directory"},
@@ -130,11 +131,15 @@ action = function(host, port)
if check404:match( "200" ) then
-- check body for specific text, add confirmation message to result
for _, combination in pairs (safeURLcheck) do
all = http.pGet( host, port, combination.checkdir, nil, nil, all )
end
data = http.get( host, port, combination.checkdir )
results = http.pipeline(host, port, all, nil)
for i, data in pairs( results ) do
if data and data.status and tostring( data.status ):match( "403" ) then
result = result .. combination.checkdir .. " " .. combination.checkdesc .. " (403 Forbidden)\n"
result = result .. safeURLcheck[i].checkdir .. " " .. safeURLcheck[i].checkdesc .. " (403 Forbidden)\n"
else
if data.body and check404body then
-- compare body and look for matches
@@ -142,7 +147,7 @@ action = function(host, port)
-- assume it's another 404 page
else
-- assume it's not a 404
result = result .. combination.checkdir .. " " .. combination.checkdesc .. "\n"
result = result .. safeURLcheck[i].checkdir .. " " .. safeURLcheck[i].checkdesc .. "\n"
end
end
end
@@ -151,19 +156,25 @@ action = function(host, port)
else
for _, combination in pairs (safeURLcheck) do
if checkHEAD:match( "200" ) then
data = http.head( host, port, combination.checkdir )
for _, combination in pairs (safeURLcheck) do
all = http.pHead( host, port, combination.checkdir, nil, nil, all )
end
else
data = http.get( host, port, combination.checkdir )
for _, combination in pairs (safeURLcheck) do
all = http.pGet( host, port, combination.checkdir, nil, nil, all )
end
end
results = http.pipeline(host, port, all, nil)
for i, data in pairs( results ) do
if data and data.status and tostring( data.status ):match( "200" ) then
result = result .. combination.checkdir .. " " .. combination.checkdesc .. "\n"
result = result .. safeURLcheck[i].checkdir .. " " .. safeURLcheck[i].checkdesc .. "\n"
end
if data and data.status and tostring( data.status ):match( "403" ) then
result = result .. combination.checkdir .. " " .. combination.checkdesc .. " (403 Forbidden)\n"
result = result .. safeURLcheck[i].checkdir .. " " .. safeURLcheck[i].checkdesc .. " (403 Forbidden)\n"
end
end