PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-07 15:09:01 +00:00
Code Issues Projects Releases Wiki Activity
Files
5effe4c770113643a6a3903e7ddaf603899943f4
nmap/scripts/http-trace.nse
paulino 5effe4c770 New version of http-trace. It addresses issues discussed: 
* http://seclists.org/nmap-dev/2010/q2/295
    * http://seclists.org/nmap-dev/2007/q3/327
    * http://seclists.org/nmap-dev/2007/q4/610

    Features:
* This version will always show you if TRACE is enabled (Current http-trace only shows headers that are different from the original response causing confusion in cases where TRACE is not reported as enabled because the host did not return any additional headers)
    * Supports redirects.
2011-06-27 20:38:59 +00:00

67 lines
1.7 KiB
Lua
Raw Blame History

description = [[
Sends an HTTP TRACE request and shows if the method TRACE is enabled. If debug is enabled, it returns the header fields that were modified in the response.
]]
---
-- @usage
-- nmap --script http-trace -d <ip>
--
-- @output
-- 80/tcp open http syn-ack
-- | http-trace: TRACE is enabled
-- | Headers:
-- | Date: Tue, 14 Jun 2011 04:41:28 GMT
-- | Server: Apache
-- | Connection: close
-- | Transfer-Encoding: chunked
-- |_Content-Type: message/http
--
-- @args http-trace.path Path to URI
author = "Paulino Calderon"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"discovery", "safe"}
require "shortport"
require "stdnse"
require "http"
portrule = shortport.http
--- Validates the HTTP response and returns header list
--@param response The HTTP response
--@param response_headers The HTTP response headers
local validate = function(response, response_headers)
local output_lines = {}
if not(response:match("HTTP/1.[01] 200") or response:match("TRACE / HTTP/1.[01]")) then
return
else
output_lines[ #output_lines+1 ] = "TRACE is enabled"
end
if nmap.verbosity() >= 2 then
output_lines[ #output_lines+1 ]= "Headers:"
for _, value in pairs(response_headers) do
output_lines [ #output_lines+1 ] = value
end
end
if #output_lines > 0 then
return stdnse.strjoin("\n", output_lines)
end
end
---
--MAIN
---
action = function(host, port)
local path = nmap.registry.args["http-trace.path"] or "/"
local req = http.generic_request(host, port, "TRACE", path)
if (req.status == 301 or req.status == 302) and req.header["location"] then
req = http.generic_request(host, port, "TRACE", req.header["location"])
end
return validate(req.body, req.rawheader)
end
Reference in New Issue View Git Blame Copy Permalink