Nmap Development mailing list archives

Re: [NSE patch] HTTPS support for showHTMLTitle


From: Sven Klemm <sven () c3d2 de>
Date: Fri, 29 Jun 2007 03:59:57 +0200

Matthew Boyle wrote:
> Sven Klemm wrote:
>> Attached is a patch that adds https support to showHTMLTitle. It uses
>> the port number to decide whether ssl is required or not. There is
>> probably a better way to detect whether ssl is needed, but in the soc
>> branch http and https both show up as service "http".
>
> With a "standard" scan, it /should/ identify 443/tcp as "https", and set
> port.service appropriately.
>
> If you also request a version-scan, you get "ssl/http" as the service
> name instead. Adding a test for this in the portrule (and modifying
> your patch accordingly) would also allow the script to run when the
> service is on a non-standard port.

Hmm, but it didn't in my case; I got http, otherwise it wouldn't even
execute the action, as the portrule only triggers on "http". I did
specify a service scan too.

When I specify a service scan, the service is always http in the Lua
script, no matter whether it's http or https; without a service scan, the
service is http or https. But the service_tunnel field gets set for a
version scan. The attached patch takes this into account and works
for http and https with and without a service scan.

Cheers,
Sven
Index: scripts/showHTMLTitle.nse
===================================================================
--- scripts/showHTMLTitle.nse   (revision 5044)
+++ scripts/showHTMLTitle.nse   (working copy)
@@ -14,20 +14,36 @@
 require "shortport"
 require "stdnse"
 
-portrule = shortport.port_or_service(80, "http")
+portrule = function(host, port)
+       if ( port.service=='http' 
+    or port.service=='https' )
+               and port.protocol == 'tcp'
+               and port.state == 'open'
+       then
+               return true;
+       else
+               return false;
+       end
+end
 
 --portrule = function(host, port) 
 --     return shortport.port_or_service(port, 80, "http")
 --end
 
 action = function(host, port)
-       local url, socket, request, result, status, s, title
+       local url, socket, request, result, status, s, title, protocol
 
        url = "http://"; .. host.name
 
        socket = nmap.new_socket()
 
-       socket:connect(host.ip, port.number)
+       if port.service == 'https' or port.version.service_tunnel == 'ssl' then
+               protocol = "ssl"
+       else
+               protocol = "tcp"
+       end
+  
+       socket:connect(host.ip, port.number, protocol )
        request = "GET / HTTP/1.0\r\n\r\n"
        socket:send(request)
 



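As an added illustration of the port.service / service_tunnel behaviour discussed in this thread (example code written for this page, not Sven's patch or any Nmap script): the port tables below are constructed to stand in for what NSE hands a script in each of the cases named above, and `needs_ssl`, `http_portrule` and `target_url` are hypothetical helper names. It runs under plain Lua without Nmap because it never touches the nmap socket API; the only assumption is the port table shape the thread describes (port.number, port.protocol, port.state, port.service, port.version.service_tunnel).

```lua
-- Decide whether a port needs an SSL-wrapped socket. Covers both cases
-- from the thread: without a version scan Nmap labels 443/tcp "https";
-- with one, the service is "http" and the tunnel is reported separately
-- in port.version.service_tunnel == "ssl".
local function needs_ssl(port)
  if port.service == "https" then
    return true
  end
  local v = port.version
  return v ~= nil and v.service_tunnel == "ssl"
end

-- Portrule matching the patch's intent: open tcp port whose service is
-- http or https, regardless of the port number.
local function http_portrule(host, port)
  return port.protocol == "tcp" and port.state == "open"
     and (port.service == "http" or port.service == "https")
end

-- Build the URL to report, keeping the scheme consistent with the
-- transport actually used and adding the port when it is non-standard.
local function target_url(host, port)
  local ssl = needs_ssl(port)
  local scheme = ssl and "https" or "http"
  local default_port = ssl and 443 or 80
  local url = scheme .. "://" .. host.name
  if port.number ~= default_port then
    url = url .. ":" .. port.number
  end
  return url .. "/"
end

-- Constructed host and port tables (not real scan output) for each case.
local host = { name = "www.example.org", ip = "192.0.2.10" }
local cases = {
  { label = "443, no version scan",
    port = { number = 443, protocol = "tcp", state = "open",
             service = "https", version = {} } },
  { label = "443, version scan",
    port = { number = 443, protocol = "tcp", state = "open",
             service = "http", version = { service_tunnel = "ssl" } } },
  { label = "80, version scan",
    port = { number = 80, protocol = "tcp", state = "open",
             service = "http", version = {} } },
  { label = "8443, version scan",
    port = { number = 8443, protocol = "tcp", state = "open",
             service = "http", version = { service_tunnel = "ssl" } } },
  { label = "443, filtered",
    port = { number = 443, protocol = "tcp", state = "filtered",
             service = "https", version = {} } },
}

-- Show, per case, whether the script would run, which transport it
-- would hand to socket:connect(), and which URL it would report.
for _, c in ipairs(cases) do
  local run = http_portrule(host, c.port)
  local transport = needs_ssl(c.port) and "ssl" or "tcp"
  print(string.format("%-22s portrule=%-5s connect=%-3s url=%s",
    c.label, tostring(run), transport,
    run and target_url(host, c.port) or "-"))
end
```

The split between `needs_ssl` and `http_portrule` is deliberate: the portrule only decides whether the script runs, while the transport decision is made in the action with the full version information, which is exactly the distinction the version-scan case in the thread turns on.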
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
