perdo
09f7b93949
Modify http-enum and http-fingerprints file so they work with http pipeline better.
2012-07-23 21:55:13 +00:00
batrick
a20ea34d38
Fix error strings and remove "path" parameter that has no apparent meaning
2012-06-06 21:27:39 +00:00
batrick
000f6dc4d9
Lua 5.2 upgrade [1] for NSE.
[1] http://seclists.org/nmap-dev/2012/q2/34
2012-05-27 08:53:32 +00:00
ron
1dadea9407
added documentation for new script-arg
2011-01-03 03:51:11 +00:00
ron
229f118fdd
Added a 'category' script-arg to http-enum.nse, which lets the user filter the fingerprints they want. This was requested by a user.
2011-01-03 03:48:48 +00:00
ron
fef25e6a42
Made some big style changes to clean up HTTP library. Primarily focused on improving the interface, NSEDoc, and pipeline support
2010-11-02 02:07:01 +00:00
ron
13bb98b8b8
Bring in changes from my experimental branch, nmap-http
2010-10-27 03:08:08 +00:00
david
a9b75892f5
Use shortport.http where appropriate.
2010-08-09 22:30:50 +00:00
david
b9633ed69b
Do copyediting of NSEDoc. This is a first pass up to ms-sql-xp-cmdshell.
2010-07-09 23:32:18 +00:00
robert
fafbf5c704
Removed a duplicate require for stdnse.
2010-04-25 17:35:54 +00:00
kris
c6508cceb6
Fix http-enum.nse so it uses the full pathname for the fingerprints file (from
fetchfile) so it doesn't throw an error and quit running.
Reported by Ron Meldau and Brandon:
http://seclists.org/nmap-dev/2010/q1/222
2010-01-22 18:38:46 +00:00
fyodor
77ab5c4305
Remove email addresses from scripts as discussed in this thread: http://seclists.org/nmap-dev/2009/q4/466
2009-11-24 08:49:02 +00:00
ron
08da8db7f0
Importing changes from my branch. There are two major updates:
1) I wrote a function that formats output from scripts in a consistent way. Although we haven't really come to a consensus on how it should look yet, it's easy to change when we do.
2) New script: smb-enum-groups.nse. Enumerate the local groups on a system and their membership.
2009-11-20 16:05:06 +00:00
ron
f4458c1917
Added the ability (off by default, since it generates 20x requests) for http-enum.nse to generate variants of each file. This would probably be more useful to use after running a spider script than here, but the code should be essentially the same. I'm hoping it'll be used somewhere more appropriate, eventually.
Also added a couple fingerprints.
2009-09-08 19:51:53 +00:00
ron
46d95b5913
Added a 'path' argument to http-enum.nse. Also added the ability to give an array of fingerprints files or an array of paths to search
2009-08-29 15:34:09 +00:00
ron
5da8f8199e
Added http-headers.nse script to database
2009-08-26 00:23:26 +00:00
ron
91518a5222
Added a script-arg to http-enum.nse allowing the user to give a custom fingerprint file. Also changed script to use straight nmap.fetchfile(filename) then to use nmap.fetchfile('nselib/data/' .. filename) to find the fingerprints file, which lets a user give his fingerprints file in the current folder.
It might be better to give priority the other way, though, I'm not really sure.
2009-08-25 23:55:05 +00:00
ron
c1d48010a1
Added caching for the HTTP fingerprint files. It mimics similar code from http-usedir-enum.nse, storing the fingerprints in the registry and checking if it exists before reading them.
2009-08-25 23:45:48 +00:00
ron
fbf2c3d6a7
Print the http status along with the result, if it isn't 200 OK. This was the original behaviour, but it got lost along the way.
2009-08-23 16:58:53 +00:00
ron
fbc8e180ca
Converted http-userdir-enum.nse to use my http-enum.nse logic (from http.lua). Also moved the 'displayall' script-arg back into the script, not http.lua, because http-userdir-enum.nse actually wants to find non-200 pages (403 Access Denied, for instance).
2009-08-23 00:43:46 +00:00
ron
cf33de55f3
Moved the definition for the 'displayall' argument into http.lua.
2009-08-23 00:24:23 +00:00
ron
77e7738545
Moved the meat of the http-enum.nse code (the 404-detection, HEAD-detection, etc) into http.lua. It may be a better idea to use http-helper.lua or something similar, but for now http.lua works. I'm open to suggestions.
2009-08-23 00:22:20 +00:00
ron
4616e62760
Fix some tabs
2009-08-22 23:55:43 +00:00
ron
a546ebc84f
Clean up a lot of the http-enum.nse code; add some comments; abstract the 'is this a 404?' logic into a function (so it can eventually be used by other scripts)
2009-08-22 23:54:27 +00:00
ron
c9a62acf31
A major overhaul of the http-enum.nse script:
* Cleaned up and function-ized the code. Planning to move the functions to http.lua or similar to let other scripts (like http-userdir-enum.nse) use them.
* Better support for different HTTP error codes
* Significantly improved detection of 404 pages to prevent false positives. Some of the techniques used:
- Request a non-existent page and check the status code
- If it's 200, try to remove anything that may change (times, URI, filenames, etc), md5 it if ssl is available, and store it. Request a second 404 page and do the same. If they don't match, abort.
- If it's any other error code, store it, and look for it in addition to 404 Not Found
- Request the root folder, /
- If it returns a 301 Moved Permanently or 401 Authentication Required, abort
* Abstracted the fingerprints into files in the nselib/data directory:
- http-fingerprints: common files/folders
- yokoso-fingerprints: common applications (from the Yokoso project, by InGuardians -- used under the Nmap license with permission from Kevin Johnson -- http://seclists.org/nmap-dev/2009/q3/0685.html )
* Added a script-arg that can display all output (except known 404s), instead of just 200 OK and 401 Authentication Required
* Added a lot of debugging messages
2009-08-22 23:19:16 +00:00
batrick
5e362ac43d
Changed a global variable to a local to avoid an error from the strict
module.
2009-08-15 14:57:52 +00:00
joao
bf4599385e
Added pipeline support to http-enum.nse
2009-08-12 01:52:03 +00:00
joao
8e145d6994
Fixing script categories
2009-08-10 11:17:52 +00:00
joao
53cefe9de0
Included Rob Nicholl's http-enum.nse script
2009-07-24 09:18:34 +00:00