This was a mistake that was causing later IP ID comparisons to be false
because of truncation. In particular, it could make all protocols appear
to be open when doing a -sO scan against localhost because the outgoing
packets looked like protocol replies.
- autodetecting form fields is now a bit more robust
- only the password field is mandatory
- HTTP redirects are followed in case they're detected
- the detection of incorrect login attempts has been changed and supports
two new arguments (onsuccess, onfailure)
[Patrik]
where the Script.new failed:
chosen_scripts[#chosen_scripts+1] = Script.new(path);
if Script.new returns nil, then the operation is a no-op (as intended). So,
just add the script to the array. Script.new now accepts a selected_by_name
argument so we don't set it manually.
Adjusted an Apache Stronghold matchline
Generated a softmatch for when Apache Stronghold does not present a version string.
Tweaked version detection for IdeaWebServer httpd to work against 302s and various
response configurations. Added matchline to grab X-Powered-By.
Added detection for IdeaPop3Server, IdeaSMTPServer, IdeaImapServer
Consolidated BIG-IP http / http-proxy related matchlines into an http-proxy matchline
that takes into account various responses (302, 404, etc.). Changed all instances
of the name to be "BIG-IP" in order to be consistent with F5's documentation.
The consolidated matchline is in the HTTP Options probe section as it appears to
be the most likely to generate a response from various versions of the platform.
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
It's a softmatch as it would match lines like
Server: Apache Tomcat 1.2.3 (blah blah blah)
We should have the multiprotocol version be the main version, with
IPv4-only code being a noted exception. Also these functions are almost
the same so one can call the other.