Skip to content

Handle HTTP 414 in http-form-fuzzer.nse #113

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dmiller-nmap opened this issue May 13, 2015 · 6 comments
Closed

Handle HTTP 414 in http-form-fuzzer.nse #113

dmiller-nmap opened this issue May 13, 2015 · 6 comments
Labels
bug NSE

Comments

@dmiller-nmap
Copy link

Report: http://seclists.org/nmap-dev/2012/q3/86
@G10h4ck
Copy link
Contributor

G10h4ck commented Jun 3, 2015

I am workign on it ;)
https://gitlab.com/g10h4ck/nmap-gsoc2015/commits/hotfix/113

@dmiller-nmap
Copy link
Author

Gio, it looks like you've made maxlen_global and minlen_global into
actual global variables; this means that if scanning multiple targets and
one target gives the 414 error, all targets will have maxlen_global
reduced. Please try to keep this variable unique per host being scanned
(e.g. local to the action function).

On Wed, Jun 3, 2015 at 5:40 AM, Gioacchino notifications@github.com wrote:

I am workign on it ;)
https://gitlab.com/g10h4ck/nmap-gsoc2015/commits/hotfix/113


Reply to this email directly or view it on GitHub
#113 (comment).

@G10h4ck
Copy link
Contributor

G10h4ck commented Jun 4, 2015

Now they are visible for all function, but get reassigned by the action function so they are host specific :)

Can you test it ?

@dmiller-nmap
Copy link
Author

Gio, even though the stdnse.get_script_args calls are within the action function, the variables themselves are local to the file, which means that two instances of the script will share the same variable, with the potential to overwrite each other. They must be declared local to the action function (or some other function). You can then pass them in and out of the fuzz_field function as necessary, or even declare the fuzz_field function as a closure over the maxlen and minlen variables. There is probably not a need to have a _global variant of these; one per instance is enough.

@G10h4ck
Copy link
Contributor

G10h4ck commented Jun 10, 2015

I am wondering if treating 414 on a per hosts base is the better approach...
The question is should be maxlen the same for all forms of an host ?
I have done a brief research and it seems to me that we should treat this as a form specific stuff, because as an example we could get a 414 for a form with method GET with long input while not on a form with POST method on the same host

In last commit i made max/min len form specific https://gitlab.com/g10h4ck/nmap-gsoc2015/commits/hotfix/113

@dmiller-nmap
Copy link
Author

Fixed in dd0c387

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug NSE
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@G10h4ck @dmiller-nmap