HEAD request. This makes it look like the response to the HEAD request
has a body. As a result, http-enum can wrongly surmise that HEAD
requests don't work when it hits a cache entry while testing HEAD.
# nmap --script=http-date,http-enum -PN -p 80 -d2
NSE: NSE Script Threads (2) running:
NSE: Final http cache size (373 bytes) of max size of 1000000
NSE: HTTP: Host returns proper 404 result.
NSE: Final http cache size (1905 bytes) of max size of 1000000
NSE: Finished 'http-date' (thread: 0x8535a40).
NSE: HTTP: Warning: Host returned data when performing HEAD.
NSE: Checking if a GET request is going to work out
After this change:
NSE: NSE Script Threads (2) running:
NSE: Final http cache size (373 bytes) of max size of 1000000
NSE: HTTP: Host returns proper 404 result.
NSE: Final http cache size (1905 bytes) of max size of 1000000
NSE: Finished 'http-date' (thread: 0x8e75b00).
NSE: Final http cache size (1905 bytes) of max size of 1000000
NSE: HTTP: Host supports HEAD.
the User-Agent header sent by NSE from its default of "Mozilla/5.0
(compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)".
You can set it to the empty string to disable the User-Agent
entirely. [David]
try /favicon.ico if that fails. If the favicon.uri script arg is given,
only try that. Use more robust parsing to find the <link> element; in
particular, be case insensitive.
which inadvertently made setting the locale with the LANG
environment variable stop working. Now the LANG variable is examined
first, and if that is not present, the system-wide setting is used.
with modifications from [2].
** Short description from [1] **
I have created a patch to NSE that replaces runlevels with a table of
dependencies that clearly outlines what other scripts the script
depends on. The table is of the form:
dependencies = {"script1", "script2", ...}
Runlevels become an internal representation of the order of scripts
that are generated by the dependencies. Dependencies only enforce
an execution order and not a requirement for execution.
[1] http://seclists.org/nmap-dev/2009/q4/295
[2] http://seclists.org/nmap-dev/2009/q4/446
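How an execution order can be derived from such a table, shown as an added example that is not Nmap's own code: each selected script gets a runlevel one higher than its highest selected dependency. The script names and the compute_runlevels helper are hypothetical, and skipping unselected dependencies is this sketch's reading of "an execution order and not a requirement for execution".

```lua
-- Constructed sample: the scripts selected for a scan and the
-- dependencies each one declares. All names are hypothetical.
local selected = {
  ["auth-brute"]  = { dependencies = {} },
  ["list-users"]  = { dependencies = {"auth-brute"} },
  ["list-shares"] = { dependencies = {"auth-brute", "os-info"} },
  ["vuln-check"]  = { dependencies = {"list-users", "list-shares"} },
}

-- Runlevel = 1 + highest runlevel among the selected dependencies.
-- A dependency that was not selected ("os-info" above) is skipped:
-- it only constrains order and does not pull that script into the scan.
local function compute_runlevels(scripts)
  local level, visiting = {}, {}
  local function visit(name)
    if level[name] then return level[name] end
    if visiting[name] then
      -- A cycle has no valid order, so refuse to schedule it.
      error("circular dependency involving " .. name)
    end
    visiting[name] = true
    local max = 0
    for _, dep in ipairs(scripts[name].dependencies or {}) do
      if scripts[dep] then
        local l = visit(dep)
        if l > max then max = l end
      end
    end
    visiting[name] = nil
    level[name] = max + 1
    return level[name]
  end
  for name in pairs(scripts) do visit(name) end
  return level
end

-- Print the scripts grouped by runlevel, lowest first.
local levels = compute_runlevels(selected)
local names = {}
for name in pairs(levels) do names[#names + 1] = name end
table.sort(names, function(a, b)
  if levels[a] ~= levels[b] then return levels[a] < levels[b] end
  return a < b
end)
for _, name in ipairs(names) do
  print(levels[name], name)
end
```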
sending the second probe if the first caused an error. This is based on
the results of a test by Richard Sammet showing that the default timeout
of 30 s is too long when scanning many open|filtered ports that are in
fact filtered.