Nmap Development mailing list archives

Re: New script for nmap that test XST vulnerability


From: Wagiro <Edu () wagiro es>
Date: Fri, 09 Jul 2010 16:24:58 +0200


> Hi Wagiro,
>
> Thanks for picking this up, I'd completely forgotten that my modified
> http-trace script that specifically checks for XST had stalled in its
> development.
>
> http://seclists.org/nmap-dev/2007/q4/617
>
> A script to check this issue would still certainly be useful for me. I'm
> concerned that your new script doesn't sufficiently check the output to
> confirm XST, as any server that modifies the trace request (which would
> probably get flagged by Kri's original script) could potentially generate a
> false positive (although I admit it's probably unlikely). Is it possible
> you could modify the script to send a fairly unique (perhaps use random
> numbers in the alert?) attack and then check the returned body for the
> malicious string we'd submitted to the server?
>
> Cheers,
>
> Rob

  
Hi Rob,

Thanks for your response. I wanted to ask you some questions:

In which cases would it be useful to use the random token, and which
improvements does it incorporate over the standard alert('XSS')?

Cheers,

Eduardo.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
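
The check suggested in the quoted message, as an added example that is not part of the original thread or of either script discussed in it: each probe carries a fresh random token, and the echo is confirmed only when that same token comes back in the response body. It puts a random marker in a hypothetical `X-Probe-Token` header instead of a script string, and the function names, host name and sample responses are constructed for illustration.

```python
import secrets

def build_trace_probe(host, path="/"):
    """Return (token, raw_request) for one probe; the token is fresh each call."""
    token = "xst-" + secrets.token_hex(8)
    request = (f"TRACE {path} HTTP/1.1\r\nHost: {host}\r\n"
               f"X-Probe-Token: {token}\r\n"      # hypothetical header name
               "Connection: close\r\n\r\n")
    return token, request

def split_response(raw):
    """Return (status_code or None, body) from a raw HTTP response string."""
    head, _, body = raw.partition("\r\n\r\n")
    parts = head.split("\r\n", 1)[0].split(" ", 2)
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else None
    return status, body

def fixed_string_check(raw):
    """Constructed stand-in for a check that only looks for a fixed string."""
    status, body = split_response(raw)
    return status == 200 and "TRACE" in body

def token_check(raw, token):
    """Confirm the echo only if this probe's own token appears in the body."""
    status, body = split_response(raw)
    if status is None:
        return "malformed"
    if status != 200:
        return "rejected"
    return "echo-confirmed" if token in body else "unconfirmed"

def demo():
    """Run both checks over constructed sample responses."""
    token, request = build_trace_probe("www.example.test")
    samples = {
        "echoes request": "HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n" + request,
        "static 200 page": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
                           "<html>TRACE requests are not served here</html>",
        "header stripped": "HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n"
                           "TRACE / HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
        "method disabled": "HTTP/1.1 405 Method Not Allowed\r\nAllow: GET, HEAD\r\n\r\n",
    }
    return {name: (fixed_string_check(raw), token_check(raw, token))
            for name, raw in samples.items()}

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The "static 200 page" and "header stripped" samples pass the fixed-string check but stay unconfirmed under the token check, because the token is generated per probe and can only appear in a response that reflects that probe.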

