From f2bb268135cfc3d05fd019fc103f72c914770755 Mon Sep 17 00:00:00 2001
From: henri <henri@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 25 Sep 2012 12:07:59 +0000
Subject: [PATCH] Added 404 detection checks to attempt to reduce false
 positives.

---
 scripts/http-backup-finder.nse | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/scripts/http-backup-finder.nse b/scripts/http-backup-finder.nse
index 0efede9f5..dca42dfa6 100644
--- a/scripts/http-backup-finder.nse
+++ b/scripts/http-backup-finder.nse
@@ -87,6 +87,12 @@ action = function(host, port)
 	local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME } )
 	crawler:set_timeout(10000)
 
+	local res, res404, known404 = http.identify_404(host, port)
+	if not res then
+		stdnse.print_debug("%s: Can't identify 404 pages", SCRIPT_NAME)
+		return nil
+	end
+
 	local backups = {}
 	while(true) do
 		local status, r = crawler:crawl()
@@ -127,7 +133,7 @@ action = function(host, port)
 
 				-- attempt a HEAD-request against each of the backup files
 				local response = http.head(host, port, escaped_link)
-				if ( response.status == 200 ) then
+				if http.page_exists(response, res404, known404, escaped_link, true) then
 					if ( not(parsed.port) ) then
 						table.insert(backups, 
 							("%s://%s%s"):format(parsed.scheme, host, link))