Nmap Development mailing list archives
Re: [NSE] http.lua and delimiters
From: jah <jah () zadkiel plus com>
Date: Tue, 30 Sep 2008 22:22:02 +0100
On 30/09/2008 22:03, David Fifield wrote:
> On Wed, Sep 24, 2008 at 03:43:21AM +0100, jah wrote:
>> I decided to knock up a quick script which sends an HTTP request, uses socket.receive() in a loop to collect the response as an unmolested string and then detects the characters used to delimit the header and body and the characters used to delimit lines in both the header and the body.
>
> Hi. This is intriguing research. Can you send me the script so I can try to reproduce the results? I think it will help me evaluate the changes to the http module.

Sure thing. You'll want to change the output file location on line 16.

Regards,

jah
id="http newline"
author=""
runlevel="1"
description = ""

local comm = require "comm"
local stdnse = require "stdnse"

portrule = function(host, port)
  return ( ( port.service == 'http' or ( port.service == 'https' or port.version.service_tunnel == 'ssl' and nmap.have_ssl() ) ) and true ) or false
end

action = function( host, port )

  -- put a file handle into the registry for sharing
  if not nmap.registry.nl then nmap.registry.nl = io.open( "U:\\jah\\desktop\\newline_services.txt", "a" ) end
  local o = nmap.registry.nl

  -- basic http request
  local status, data = manual_request(host, port)

  -- quit if we didn't get any data
  if type( data ) ~= "string" or data == "" then
    o:write( ("%s : responded with nothing\n"):format( host.ip ) )
    return nil
  end

  local out, header, body = {}
  out[#out+1] = ("%s"):format( host.ip )

  -- try and separate the head from the body
  if data:match( "\r\n\r\n" ) then
    header, body = data:match( "^(.-)\r\n\r\n(.*)$" )
    out[#out+1] = "header ends using CRLFCRLF"
  elseif data:match( "\n\n" ) then
    header, body = data:match( "^(.-)\n\n(.*)$" )
    out[#out+1] = "header ends using LFLF"
  else
    body = data
    print( "RESPONSE", ((data:gsub( "\n", "\\n" )):gsub( "\r", "\\r" )) )
    out[#out+1] = "cannot determine end of header"
  end

  -- report the line delimiter used inside the header
  if type( header ) == "string" then
    out[#out+1] = (( header:match( "\r\n" ) and "header (%s chars) lines delimited with CRLF" )
      or ( header:match( "\n" ) and "header (%s chars) lines delimited with LF" )
      or "header (%s chars) without line delimiter"):format( header:len() )
  end

  -- report the line delimiter used inside the body
  if type( body ) == "string" then
    out[#out+1] = (( body:match( "\r\n" ) and "body (%s chars) lines delimited with CRLF" )
      or ( body:match( "\n" ) and "body (%s chars) lines delimited with LF" )
      or "body (%s chars) without line delimiter"):format( body:len() )
  end

  o:write( (table.concat( out, " : " ) or "") .. "\n" )

end

-- send a bare HTTP/1.0 request and return the raw, unparsed response
function manual_request(host, port)

  local request = "GET / HTTP/1.0\r\n\r\n"
  --request = request:format( host.ip )

  local socket = nmap.new_socket()
  local catch = function()
    stdnse.print_debug( "%s Connection to %s failed or was aborted! No Output for this Target.", id, host.ip )
    socket:close()
  end
  local try = nmap.new_try( catch )

  socket:set_timeout( 10000 )
  try( socket:connect( host.ip, port.number ) )
  try( socket:send( request ) )

  -- read until the peer closes the connection or the receive fails
  local response = {}
  while true do
    local status, chunk = socket:receive()
    if not status then
      break
    else
      response[#response+1] = chunk
    end
  end

  socket:close()
  stdnse.print_debug(1, "%s Closed connection to %s.", id, host.ip)

  if #response == 0 then return false, nil end
  return true, table.concat( response )

end
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
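The script above tests for CRLFCRLF anywhere in the response before it tries LFLF, so an LF-delimited header followed by a body that contains CRLFCRLF is split inside the body. The following is an added example, not part of jah's message or the http module: a stand-alone Lua sketch that picks the earliest header terminator of any style and reports mixed line endings. The function names and the sample responses are constructed for illustration.

```lua
-- Added example, not jah's script: names and sample responses are constructed.
-- Find the earliest blank line that ends the header, whichever style it uses.
local TERMINATORS = {
  { "\r\n\r\n", "CRLFCRLF" }, { "\n\n", "LFLF" },
  { "\n\r\n", "LFCRLF" }, { "\r\n\n", "CRLFLF" },
}

local function split_response(data)
  local best
  for _, t in ipairs(TERMINATORS) do
    local s, e = data:find(t[1], 1, true)  -- plain find, no pattern matching
    if s and (not best or s < best.s) then
      best = { s = s, e = e, name = t[2] }
    end
  end
  if not best then return nil, data, "none" end
  return data:sub(1, best.s - 1), data:sub(best.e + 1), best.name
end

-- Count CRLF and bare LF endings so mixed usage is reported, not hidden.
local function line_endings(s)
  local _, crlf = s:gsub("\r\n", "")
  local _, total_lf = s:gsub("\n", "")
  local bare_lf = total_lf - crlf  -- LFs that are not part of a CRLF
  if crlf > 0 and bare_lf > 0 then return "mixed" end
  if crlf > 0 then return "CRLF" end
  if bare_lf > 0 then return "LF" end
  return "none"
end

-- Constructed sample responses (not captured from real servers).
local samples = {
  -- fully CRLF-delimited response
  "HTTP/1.0 200 OK\r\nServer: a\r\n\r\n<html>\r\n</html>",
  -- LF-only header, body contains CRLFCRLF: the header must end at LFLF
  "HTTP/1.0 200 OK\nServer: b\n\nline1\r\n\r\nline2",
  -- last header line ends with a bare LF, blank line is CRLF
  "HTTP/1.0 200 OK\r\nServer: c\n\r\nbody",
}

for i, raw in ipairs(samples) do
  local header, body, term = split_response(raw)
  print(("sample %d: header ends with %s; header lines %s; body lines %s"):format(
    i, term, header and line_endings(header) or "n/a", line_endings(body)))
end
```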