PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00
Code Issues Projects Releases Wiki Activity

Do some cleanup and shortening of http-methods.nse.

Browse Source
This commit is contained in:
david
2010-02-19 02:34:45 +00:00
parent 9632670762
commit ffd7a6dba5
1 changed files with 16 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
scripts/http-methods.nse
View File

@@ -1,21 +1,19 @@
id = "HTTP allowed methods" id = "HTTP allowed methods"
description = [[ description = [[
Connects to an HTTP server and sends an OPTIONS request to see which HTTP methods are allowed on this server. Connects to an HTTP server and sends an OPTIONS request to see which
HTTP methods are allowed on this server. Optionally tests each method
By default, it tells only the Methods returned by an OPTIONS request in the Allow-Header. individually to see if they are subject to e.g. IP address restrictions.
In some cases a method is active, but requests with this method are only allowed e. g. from
certain IP addresses.
If http-methods.retest is set to true we also send one single request with every method found before
to see if it returns 200 OK or something other, e. g. 403 Forbidden
]] ]]
--- ---
-- @usage -- @args http-methods.url-path The path to request. Defaults to
-- nmap --script=http-methods.nse [--script-args http-methods.url-path=<URL_Path>,http-methods.retest=true|false] <target> -- <code>/</code>.
-- @args http-methods.url-path if You want another URL path than / just give it here (optional, defaults to /) -- @args http-methods.retest If defined, do a request using each method
-- @args http-methods.retest give true if You want to perfom a separat test for each -- individually and show the response code. Use of this argument can
-- HTTP method found - see @see description (optional, defaults to false) -- make this script unsafe; for example <code>DELETE /</code> is
-- possible.
--
-- @output -- @output
-- 80/tcp open http syn-ack Apache httpd 2.2.8 ((Ubuntu)) -- 80/tcp open http syn-ack Apache httpd 2.2.8 ((Ubuntu))
-- | HTTP allowed methods: according to OPTIONS request: GET,HEAD,POST,OPTIONS,TRACE -- | HTTP allowed methods: according to OPTIONS request: GET,HEAD,POST,OPTIONS,TRACE
@@ -24,6 +22,10 @@ to see if it returns 200 OK or something other, e. g. 403 Forbidden
-- | HTTP Status for POST is 200 OK -- | HTTP Status for POST is 200 OK
-- | HTTP Status for OPTIONS is 200 OK -- | HTTP Status for OPTIONS is 200 OK
-- |_ HTTP Status for TRACE is 200 OK -- |_ HTTP Status for TRACE is 200 OK
--
-- @usage
-- nmap --script=http-methods.nse --script-args http-methods.retest=1 <target>
-- nmap --script=http-methods.nse --script-args http-methods.url-path=/website <target>
author = "Bernd Stroessenreuther <berny1@users.sourceforge.net>" author = "Bernd Stroessenreuther <berny1@users.sourceforge.net>"
@@ -68,24 +70,8 @@ action = function(host, port)
local socket, request, result, methods, protocol, output, httpstatus, methodsarray, i, own_httpstatus, url_path, retest_http_methods, try, catch, location local socket, request, result, methods, protocol, output, httpstatus, methodsarray, i, own_httpstatus, url_path, retest_http_methods, try, catch, location
-- default vaules for script-args -- default vaules for script-args
url_path = "/" url_path = nmap.registry.args["http-methods.url-path"] or "/"
retest_http_methods = false retest_http_methods = nmap.registry.args["http-methods.retest"] ~= nil
-- evaluate script-args
if (nmap.registry.args ~= nil)
then
if (nmap.registry.args["http-methods.url-path"] ~= nil)
then
url_path = nmap.registry.args["http-methods.url-path"]
end
if (nmap.registry.args["http-methods.retest"] ~= nil)
then
if (nmap.registry.args["http-methods.retest"] == "true")
then
retest_http_methods = true
end
end
end
catch = function() catch = function()
socket:close() socket:close()