Nmap Development mailing list archives
[NSE] Improved TRACE/TRACK detection script
From: <Patrick.Bogen () foundstone com>
Date: Tue, 18 Oct 2011 11:02:44 -0700
Direct link to the script: http://opensecurityresearch.com/files/http-trace-track.nse Article explaining the improvements: http://blog.opensecurityresearch.com/2011/10/updated-http-tracetrack-plugin-for-nmap.html Summary: * both TRACE and TRACK * HTTP/1.1 * semi-intelligent false positive reduction (compares TRACE/TRACK response to a valid GET response and an invalid/made up verb response; verb is only "supported" if the response is HTTP 200, and it differs from the GET response, and it differs from the invalid verb response.) (p.s., please CC me on any replies; I'm not subscribed to the list. If this isn't the correct place to submit a script for inclusion, I apologize, and would appreciate any redirection to the proper place.) -- Patrick Bogen Consultant Foundstone Professional Services Follow Foundstone on Twitter: http://twitter.com/Foundstone Incident Response & Forensics: http://www.foundstone.com/IR http://www.foundstone.com http://www.mcafee.com PGP Key: http://www.foundstone.com/us/pgpkeys/patrickbogen.asc _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Improved TRACE/TRACK detection script Patrick.Bogen (Oct 18)