I copied parse_url_relative from favicon-survey.nse. Ron Meldau reported
that this error is raised:
http-favicon.nse:141: variable 'dirname' is not declared
It happens when a web page specifies a relative icon URL in a link
element. (dirname is used to absolutize the URL.)
Also, I changed to code to be sure to pass a plain string and number for
the host and port to parse_url_relative. Otherwise parse_url_relative
may return the tables that it receives and complicate the matching code
to decide if a URL should be followed.
parsing mostly. Response parsing is centralized, and fewer operations
are done on raw HTTP data.
The biggest user-visible change is that http.request goes back to
returning a parsed result table, not raw HTTP data. I believe this is
how the function worked in the past; it's what the NSEDoc for the
function says. The only thing that used http.request was citrixxml.lua,
and this commit alters it to match the new expectations.
The other change is that the http.pipeline function no longer accepts
the "raw" option. The only script that used that was sql-injection.nse,
and this commit modifies that script as well.
try /favicon.ico if that fails. If the favicon.uri script arg is given,
only try that. Use more robust parsing to find the <link> element; in
particular, be case insensitive.
with modifications from [2].
** Short description from [1] **
I have created a patch to NSE that replaces runlevels with a table of
dependencies that clearly outlines what other scripts the script
depends on. The table is of the form:
dependences = {"script1", script2", ...}
Runlevels become an internal representation of the order of scripts
that are generated by the dependencies. Dependencies only enforce
an execution order and not a requirement for execution.
[1] http://seclists.org/nmap-dev/2009/q4/295
[2] http://seclists.org/nmap-dev/2009/q4/446
sending the second probe if the first caused an error. This is based on
the results of a test by Richard Sammet showing that the default timeout
of 30 s is too long when scanning many open|filtered ports that are in
fact filtered.
1) I wrote a function that formats output from scripts in a consistent way. Although we haven't really come to a concensus on how it should look yet, it's easy to change when we do.
2) New script: smb-enum-groups.nse. Enumerate the local groups on a system and their membership.
The script provides detection when version probes fail, but will default to
the value provided the version probes if that value is more precise. The
script also detects the server platform and database instance name.
[Tom]
* Updated the way authentication works on smb -- it's significantly cleaner now
* smb-enum-shares.nse gives significantly better output now (it checks if shares are writable)
* Added a script that checks if smbv2 is enabled on a server
* Added smb-psexec, a script for executing commands on a remote Windows server. I also included some default scripts, a compiled .exe to run everything, and a ton of documentation (in the form of NSEDoc)
* Added 'override' parameters to some of the functions in smb.lua, which lets the programmer override any field in an outgoing SMB packet without modifying smb.lua.
* Lots of random code cleanups in the smb-* scripts/libraries
