From c662f9cbd1063cb0288773a95b310ee1fa42023e Mon Sep 17 00:00:00 2001
From: tomsellers
Date: Thu, 3 Dec 2015 12:16:24 +0000
Subject: [PATCH] Address false positive in hnap-info.nse Closes #241
---
 scripts/hnap-info.nse | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/scripts/hnap-info.nse b/scripts/hnap-info.nse
index 97e0fad74..02ae47c5a 100644
--- a/scripts/hnap-info.nse
+++ b/scripts/hnap-info.nse
@@ -87,6 +87,14 @@ function get_text_callback(store, name)
 end
 function action (host, port)
+
+ -- Identify servers that answer 200 to invalid HTTP requests and exit as these would invalidate the tests
+ local status_404, result_404, _ = http.identify_404(host,port)
+ if ( status_404 and result_404 == 200 ) then
+ stdnse.debug1("Exiting due to ambiguous response from web server on %s:%s. All URIs return status 200.", host.ip, port.number)
+ return nil
+ end
+
 local output = stdnse.output_table()
 local response = http.get(host, port, '/HNAP1')
 if response.status and response.status == 200 then
@@ -96,7 +104,13 @@ function action (host, port)
 closeElement = function(name) parser._call.text = function() return nil end end
 }
 parser:parseSAX(response.body, {stripWhitespace=true})
-
+
+ -- Counting size of entries in table to determine if it is empty
+ -- using the '#' operator is not reliable on tables
+ local count = 0
+ for _ in pairs(output) do count = count + 1 end
+ if count < 1 then return nil end
+
 -- set the port verson
 port.version.name = "hnap"
 port.version.name_confidence = 10
@@ -110,7 +124,7 @@ function action (host, port)
 end
 nmap.set_port_version(host, port, "hardmatched")
- if #output >0 then return output end
+ return output
 end
 end
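Review bot: The early `return nil` at the top of `action` turns every server that answers 200 to unknown URIs into a false negative, because a device behind such a server that does implement HNAP is never probed. The empty-table check added in the second hunk already rejects a 200 response that yields no parsed fields, so this exit mostly costs coverage. `http.identify_404` returns a third value that is discarded into `_` here; keeping it as `known_404` and testing the `/HNAP1` response with `http.page_exists(response, result_404, known_404, '/HNAP1', true)` would keep the probe on those servers. When `status_404` is false the script proceeds with no message, which may deserve a `stdnse.debug1` line of its own. The body of `action` continues outside this hunk.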
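Review bot: The new `if count < 1 then return nil end` leaves silently, while the exit added at the top of `action` logs its reason; a matching `stdnse.debug1("No HNAP fields parsed from /HNAP1 on %s:%s.", host.ip, port.number)` before the return would let an operator tell the two exits apart. The loop walks every entry only to learn whether one exists, so `for _ in pairs(output) do count = 1 break end` states the intent more directly. The comment would help more if it said why `#` is unsuitable for this table, which appears to be filled by key through `get_text_callback(store, name)`; that is inferred, since its body is not in this patch. `action` starts and ends outside this hunk.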