Nmap Development mailing list archives
RE: http-unsafe-output-escaping help
From: "Milliron, Brian" <BMilliron () semprautilities com>
Date: Thu, 9 Aug 2012 09:19:09 -0700
Thanks Martin.

-----Original Message-----
From: Martin Holst Swende [mailto:martin () swende se]
Sent: Wednesday, August 08, 2012 11:35 PM
To: Milliron, Brian
Cc: nmap-dev () insecure org
Subject: Re: http-unsafe-output-escaping help

Hi,

On 08/09/2012 01:30 AM, Milliron, Brian wrote:
I'm not able to get this script to spider from the specified start point. It also does not do anything if the -sn -Pn options are selected. I'm using this command line:

nmap --script +http-unsafe-output-escaping.nse --script-args 'http-unsafe-output-escaping.url=/1057/hephastus/3ofclubs/index2.html' --script-trace -p 80 athena.ordonomicon.net
Specifying -Pn works fine for me, however, -sN results in the port being found closed. I assume that's why you use the '+', to force the script to run. However, the 'force'-option does not work that way; it is not intended to force scripts to run on closed ports, only on ports where the service has not been identified (or incorrectly identified), so it will not make any difference here.
But it keeps trying to scan the root, which goes nowhere:
This is now fixed, it was simply a mistake on my part. I now send 'nil' to the library instead, and let the library sort out the parameters. This has been committed as r29538, but the diff is inlined so it can be applied without updating from svn:

$ svn diff scripts/http-unsafe-output-escaping.nse Index: scripts/http-unsafe-output-escaping.nse =================================================================== --- scripts/http-unsafe-output-escaping.nse (revision 29537) +++ scripts/http-unsafe-output-escaping.nse (working copy) @@ -123,7 +123,7 @@ action = function(host, port) - local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME } ) + local crawler = httpspider.Crawler:new(host, port, nil, { scriptname = SCRIPT_NAME } ) crawler:set_timeout(10000) local results = {}

Regards,
Martin Holst Swende
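Review bot: The bare nil passed as the third argument to httpspider.Crawler:new in action() is easy to misread as a missing value, and nothing on that line says the start URL is now left for the library to work out from its parameters. A one-line comment above the call stating that nil is intentional would keep a later cleanup from restoring '/', which is the behaviour this change removes. It would also help to confirm that the script's documentation describes how the start URL is chosen, since the hunk shows no documentation update.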