PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 22:21:29 +00:00
Code Issues Projects Releases Wiki Activity
13,320 Commits 2 Branches 0 Tags
f2548e68a8c69e35e1e8d9f3a258bfbe7e9374cf
Commit Graph

257 Commits

Author SHA1 Message Date
nnposter
eb1ed93540 Skip over empty content encoding placeholders 2025-10-19 19:13:24 +00:00
nnposter
83824ff04d Socket timeout must be set before connecting 2025-09-29 22:24:51 +00:00
nnposter
65e0368740 Use the same pipeline request timeout consistently across connections 2024-12-01 15:08:42 +00:00
nnposter
c98b77bd65 Preserve global pipeline connection options. Closes #2941 2024-12-01 14:36:47 +00:00
dmiller
325a4f680c http.lua parse_redirect support URL params 2024-10-03 19:18:12 +00:00
dmiller
1a7a96274a Avoid format-string bugs. Fixes #2634 2023-07-20 17:24:16 +00:00
dmiller
e3ab97215d Handle internationalized domain names (IDN) 2022-09-21 21:03:57 +00:00
dmiller
c8fdcd80b5 Precalc/reuse some tables and values 2020-11-30 17:59:18 +00:00
dmiller
8eebe86ee9 http.lua: Reuse constant objects instead of creating them 2020-11-06 21:48:32 +00:00
dmiller
2f0e104f02 Allow numeric-string port numbers as arguments to http.lua funcs 2020-02-18 18:29:57 +00:00
nnposter
96e17c4f63 Prevent potential nil dereference. Fixes #1885 2020-01-11 03:15:34 +00:00
nnposter
f513575f5c Rectify an HTTP digest authentication crash. Fixes #1665 2019-08-05 00:14:10 +00:00
nnposter
5f5c8b32f6 Add support for gzip-encoded, yet empty body. Closes #1662 2019-07-20 23:37:32 +00:00
nnposter
43b9461e5c Remove unused variables from http.lua 2019-06-03 00:21:59 +00:00
dmiller
302f5d5bd6 http.lua tests using gzip will fail unless zlib is available. 2019-05-24 18:28:49 +00:00
nnposter
d03207e27d Improve documentation for changes in r37627 (#1571) 2019-05-21 16:56:15 +00:00
nnposter
df2693232a Support for gzip-encoded HTTP responses and enforcement of body size limit. 2019-05-21 02:38:02 +00:00
nnposter
976668b564 Header Connection is a comma-separated list 2019-04-21 18:42:50 +00:00
dmiller
b642dc129c Fix a bug in the fix. ebf083cb0b (commitcomment-31471930) 2018-11-29 17:42:09 +00:00
dmiller
ebf083cb0b Fix a crash in http scripts when following redirects 2018-11-27 04:43:16 +00:00
dmiller
0500811f5a Move string utility functions to stringaux.lua 2018-10-18 01:08:19 +00:00
dmiller
dcc0e3ed7e New tableaux library containing table auxiliary functions. 2018-10-17 15:34:30 +00:00
dmiller
0d18bcdbc2 Remove bin.lua calls from some scripts and libraries 2018-08-29 03:06:40 +00:00
dmiller
d84ddbe3fd Remove bit library from a few more libs 2018-08-28 03:52:55 +00:00
dmiller
9c3e676871 Strictly obey URI scheme when available, e.g. no SSL if scheme is http, no plain if https 2018-08-27 15:34:19 +00:00
dmiller
069c76a1de Handle https://example.com:80 and http://example.com:443 cases 
The shortport.ssl check can be expensive (6-second timeout on HTTP
services if you don't use -sV), so we want to avoid it if possible. As
discussed at
b2deb019ed (commitcomment-30289632)
this commit restores the SSL check in cases where it might matter (http
and https default ports) and adds a bypass when the URI scheme is
explicitly requested, as in http.get_url and when following redirects.
 2018-08-26 18:24:43 +00:00
dmiller
b2deb019ed Don't use shortport.ssl to determine Host header. 
The only reason this was used was to determine if port 443 was HTTPS.
Simply dropping the port if it's 80 or 443 yields the same outcome.
Maybe we want to be more clear, but then we'd need to have the caller
pass in the URI scheme, too. This is faster and avoids the new SSL
probes in shortport.ssl.
 2018-08-11 21:23:58 +00:00
dmiller
622c14c115 Some fixes for script crashes due to updated shortport.ssl 2018-07-12 04:14:35 +00:00
dmiller
5318e42481 New script-arg http.host to force a particular Host header. Closes #1251 2018-07-12 03:43:11 +00:00
nnposter
f6790a865e Allows HTTP response status lines without a reason phrase. RFC 7230, 
section 3.1.2, syntactically requires its presence but prescribes that
clients should ignore it regardless. Some real-world servers do not
use it so NSE could not interact with them without this change.
 2018-06-18 20:57:43 +00:00
nnposter
356501dcd0 Converts unit test case definitions from lists to hash tables for better readability 2018-06-18 20:29:21 +00:00
nnposter
23d61f5baa Improves Set-Cookie header parser compliance with RFC 6265 2018-04-25 22:46:35 +00:00
nnposter
90230ed85d Fixes a comment typo 2018-04-01 23:04:47 +00:00
nnposter
59f80c31eb Allows parsing of empty attributes in Set-Cookie header. Fixes #1169 2018-04-01 22:47:25 +00:00
nnposter
089a76952b Improves unit testing for parse_set_cookie (parser for Set-Cookie header) 2018-04-01 22:40:26 +00:00
rewanth
6ee953a5ff Removes trailing spaces in 69 files. Closes #971. 2017-08-23 08:52:40 +00:00
rewanth
c2a9a5bbe3 Removes parse_url from http.lua and makes url.parse more functional. Closes #952. 2017-08-14 20:30:57 +00:00
nnposter
cf56f93d95 Fixes a blank nsedoc line 2017-07-29 01:50:42 +00:00
nnposter
da4d624572 Refreshes the main documentation section for http.lua. Fixes #933 2017-07-29 01:31:33 +00:00
dmiller
9d90970c61 Cache result of identify_404 for each service. 
We already use the web cache, so the requests weren't being sent more
than once in many situations, but since the "random" requests were
generated using a timestamp, they change after 1 second, resulting in
more requests and cache bloat. So instead, we cache the result of the
function call, since that should be stable for the lifetime of the
service. Still using the web cache to avoid multiple requests in a
1-second timespan.
 2017-07-27 18:21:10 +00:00
nnposter
6f1f87d700 Disables default use of persistent connections with HTTP 1.0 targets. Fixes #935 2017-07-22 00:23:10 +00:00
nnposter
7cfccf7399 Adds HTTP protocol version as a new member of the HTTP response table. Closes 934 2017-07-21 23:15:39 +00:00
nnposter
d1e8388b7e Trivial documentation clean-up 2017-07-07 20:11:53 +00:00
nnposter
78486c1b89 Removes potentially confusing comment 2017-07-07 19:19:00 +00:00
vinamra
2c98b309a8 Corrects URL-Redirection in Relative Paths closes #918 2017-06-24 19:04:06 +00:00
nnposter
d478199ada Allows cookies to have unrecognized attributes (see RFC 6265, Section 5.2). Fixes #866 2017-04-29 14:36:46 +00:00
nnposter
0b36ba5cea Allows unquoted cookie values to contain whitespace, as defined in RFC 6265. Fixes #844 2017-04-29 14:05:57 +00:00
dmiller
5953b817ac A couple tests for http.lua; see #844 2017-04-27 17:28:46 +00:00
nnposter
b9aac1d6ba Cleans up inline documentation for the default HTTP redirect behavior. Fixes #831 2017-04-19 18:42:51 +00:00
nnposter
cfa57758ad Changes the redirect rule to return false in case of a missing path. This 
change aligns the code with the corresponding comment. Fixes #830
 2017-04-19 18:39:20 +00:00