Re: [RFC][NSE] Incomplete HTTP response body

[Daniel Miller <bonsaiviking () gmail com>]

My initial thought is that this is very interesting. I can't remember
specifically, but it does seem like I've encountered cases where it would
have been useful. I'll look at the code itself shortly and give feedback.

Dan

On Fri, Mar 17, 2017 at 3:16 PM, nnposter <nnposter () users sourceforge net>
wrote:

> Nmappers,
> Recent e-mail thread "Get value in IncompleteRead exception",
> http://seclists.org/nmap-dev/2017/q1/191, covered the fact that the
> current NSE HTTP library does not provide means how to obtain partially
> received response bodies. If the response parsing fails for whatever
> reason the caller only gets a nil status, and the status line contains a
> one-line error message. The caller specifically does not get any data
> from the response itself.
>
> I have put together a patch that adds a new member to the response
> object. If an HTTP response fails while processing the body then this
> member gets populated with a body fragment received up to that point.
>
> The value proposition is that probing for HTTP vulnerabilities sometimes
> results in incorrectly formed bodies. The content length might be off or
> the chunks are corrupted. With this modification a vulnerability test
> script might still be able to use the HTTP library, instead of
> hand-rolling the request.
>
> I am looking for opinions whether such a functionality is desirable or not.
>
> The attached patch applies cleanly against r36651 if you want to try it
> out. I am not going to commit it by default, without a reasonable
> consensus.
>
>
> Thank you for your thoughts,
> nnposter
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/