* bugfixes to several http scripts related to new redirect code in http

library * added option to httpspider that allows passing the redirect_ok closure to the http library [Patrik]
2025-12-08 21:51:28 +00:00 · 2012-02-11 22:37:14 +00:00
parent 8026f8ed27
commit fccccff960
5 changed files with 8 additions and 7 deletions
--- a/nselib/data/http-default-accounts-fingerprints.lua
+++ b/nselib/data/http-default-accounts-fingerprints.lua
@@ -23,7 +23,7 @@
 ---
 local function try_http_basic_login(host, port, path, user, pass)
    local credentials = {username = user, password = pass}
-    local req = http.get(host, port, path, {no_cache=true, auth=credentials})
+    local req = http.get(host, port, path, {no_cache=true, auth=credentials, redirect_ok = false})
    if req.status ~= 401 and req.status ~= 403 then
      return true
    end
@@ -46,7 +46,7 @@ local function try_http_post_login(host, port, path, target, failstr, params, fo
    local status = ( req and tonumber(req.status) ) or 0
    if follow_redirects and ( status > 300 and status < 400 ) then
-      req = http.get(host, port, url.absolute(path, req.header.location), { no_cache = true})
+      req = http.get(host, port, url.absolute(path, req.header.location), { no_cache = true, redirect_ok = false })
    end
    if not(http.response_contains(req, failstr)) then
      return true
--- a/nselib/http.lua
+++ b/nselib/http.lua
@@ -1316,7 +1316,7 @@ local function parse_redirect(host, port, path, response)
       not(response.header.location) ) then
    return nil
  end
-
+  port = ( "number" == type(port) ) and { number = port } or port
  local u = url.parse(response.header.location)
  if ( not(u.host) and not(u.scheme) ) then
    -- we're dealing with a relative url
--- a/nselib/httpspider.lua
+++ b/nselib/httpspider.lua
@@ -482,6 +482,7 @@ Crawler = {
 	--        <code>withindomain</code> - stay within the base_url domain
 	--        <code>scriptname</code> - should be set to SCRIPT_NAME to enable
 	--                                  script specific arguments.
 	--        <code>redirect_ok</code> - redirect_ok closure to pass to http.get function
 	-- @return o new instance of Crawler or nil on failure
 	new = function(self, host, port, url, options)
 		local o = {
@@ -498,7 +499,7 @@ Crawler = {
 		o:loadLibraryArguments()
 		o:loadDefaultArguments()
-		local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout } )
+		local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout, redirect_ok = o.options.redirect_ok } )
 		if ( not(response) or 'table' ~= type(response) ) then
 			return
@@ -629,7 +630,7 @@ Crawler = {
 			end
 			-- fetch the url, and then push it to the processed table
-			local response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout } )
+			local response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout, redirect_ok = self.options.redirect_ok } )
 			self.processed[tostring(url)] = true
 			if ( response ) then
--- a/scripts/http-open-redirect.nse
+++ b/scripts/http-open-redirect.nse
@@ -82,7 +82,7 @@ end
 action = function(host, port)
-	local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME } )
+	local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME, redirect_ok = false } )
 	crawler:set_timeout(10000)
 	local results = {}
--- a/scripts/http-vhosts.nse
+++ b/scripts/http-vhosts.nse
@@ -541,7 +541,7 @@ action = function(host, port)
    if targetname ~= nil then
-      http_response = http.head(host, port, path, {header={Host=targetname}, bypass_cache=true})
+      http_response = http.head(host, port, path, {header={Host=targetname}, bypass_cache=true, redirect_ok = false})
      if not http_response.status  then
        if not http_response["ERROR"] then