Updated documentation for Kris' scripts.

scripts/HTTPpasswd.nse

@@ -1,5 +1,5 @@
--- HTTP probe for /etc/passwd
-
+--- Probes an HTTP server via directory traversal for /etc/passwd
+--
 -- 07/20/2007:
 --   * Used Thomas Buchanan's HTTPAuth script as a starting point
 --   * Applied some great suggestions from Brandon Enright, thanks a lot man!
@@ -21,7 +21,10 @@ categories = {"intrusive", "vuln"}
 require "shortport"
 require "http"
 
--- Check for valid return code and passwd format in body
+--- Validates the HTTP response code and checks for a valid passwd format
+--- in the body
+--@param response The HTTP response from the server
+--@return The body of the HTTP response
 local validate = function(response)
 	if not response.status then
 		return nil
@@ -38,6 +41,10 @@ local validate = function(response)
 	return response.body
 end
 
+--- Transforms a string with ".", "/" and "\" converted to their URL-formatted
+--- hex equivalents
+--@param str String to hexify
+--@return Transformed string
 local hexify = function(str)
 	local ret
 	ret = str:gsub("%.", "%%2E")
@@ -46,12 +53,18 @@ local hexify = function(str)
 	return ret
 end
 
--- Returns truncated passwd file and returned length
+--- Truncates the passwd file
+--@param passwd passwd file
+--@return Truncated passwd file and truncated length
 local truncatePasswd = function(passwd)
 	local len = 250
 	return passwd:sub(1, len), len
 end
 
+--- Formats output
+--@param passwd passwd file
+--@param dir Formatted request which elicited the good reponse
+--@return String description for output
 local output = function(passwd, dir)
 	local trunc, len = truncatePasswd(passwd)
 	local out = ""