PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-31 11:59:03 +00:00
Code Issues Projects Releases Wiki Activity

Added 404 detection checks to attempt to reduce false positives.

Browse Source
This commit is contained in:
henri
2012-09-25 12:07:59 +00:00
parent a0601febeb
commit f2bb268135
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scripts/http-backup-finder.nse
View File

@@ -87,6 +87,12 @@ action = function(host, port)
local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME } )
crawler:set_timeout(10000)
local res, res404, known404 = http.identify_404(host, port)
if not res then
stdnse.print_debug("%s: Can't identify 404 pages", SCRIPT_NAME)
return nil
end
local backups = {}
while(true) do
local status, r = crawler:crawl()
@@ -127,7 +133,7 @@ action = function(host, port)
-- attempt a HEAD-request against each of the backup files
local response = http.head(host, port, escaped_link)
if ( response.status == 200 ) then
if http.page_exists(response, res404, known404, escaped_link, true) then
if ( not(parsed.port) ) then
table.insert(backups,
("%s://%s%s"):format(parsed.scheme, host, link))