http-useragent-tester should check for 403 Forbidden, not just redirects #141

Closed
dmiller-nmap opened this Issue May 28, 2015 · 1 comment

Comments

Projects
None yet
2 participants

http-useragent-tester is supposed to check for allowed and forbidden user agents, but it only handles sites that redirect forbidden agents elsewhere. The site could just as easily return a 403 Forbidden status code. Maybe the script should report any differences in HTTP status code, only using the redirect check when the normal response is also a redirect.

dmiller-nmap changed the title from http-useragent-checker should check for 403 Forbidden, not just redirects to http-useragent-tester should check for 403 Forbidden, not just redirects May 28, 2015

Checks for redirection different from a browser user-agent, followed by a check for difference in response code. Shows the response code of browser user agent and all the ones where there was a change.
Also added XML output.
https://github.com/h4ck3rk3y/nmap-exp-gyani/blob/master/scripts/http-useragent-tester.nse

/cc @dmiller-nmap

nmap-bot closed this in 219154d Jun 15, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment