Nmap Development mailing list archives

[NSE] http-backup-finderpatch

From: Martin Holst Swende <martin () swende se>
Date: Sat, 04 Feb 2012 22:53:01 +0100

Hi,

While scanning my cupsdaemon with some http-*, I found a flaw in the
http backup finder. It spat out some strange folders due to a
malfunction if it cannot determine a filename and a suffix:

| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=localhost
[snip]
|   http://localhost:631/classes/{basename}.bak
|   http://localhost:631/classes/{basename}.{suffix}~
|   http://localhost:631/classes/{basename} copy.{suffix}
|   http://localhost:631/classes/Copy of {basename}.{suffix}
|   http://localhost:631/classes/Copy (2) of {basename}.{suffix}
[snip]

Attached is a patch.
Regards,
Martin Holst Swende

Attachment: svndiff-backupfinder.txt
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] http-backup-finderpatch Martin Holst Swende (Feb 04)
- Re: [NSE] http-backup-finderpatch Patrik Karlsson (Feb 05)
  - Re: [NSE] http-backup-finderpatch Martin Holst Swende (Feb 05)