New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

http-useragent-tester should check for 403 Forbidden, not just redirects #141

Closed
dmiller-nmap opened this Issue May 28, 2015 · 1 comment

Comments

Projects
None yet
2 participants
@dmiller-nmap

dmiller-nmap commented May 28, 2015

http-useragent-tester is supposed to check for allowed and forbidden user agents, but it only handles sites that redirect forbidden agents elsewhere. The site could just as easily return a 403 Forbidden status code. Maybe the script should report any differences in HTTP status code, only using the redirect check when the normal response is also a redirect.

@dmiller-nmap dmiller-nmap changed the title from http-useragent-checker should check for 403 Forbidden, not just redirects to http-useragent-tester should check for 403 Forbidden, not just redirects May 28, 2015

@h4ck3rk3y

This comment has been minimized.

Show comment
Hide comment
@h4ck3rk3y

h4ck3rk3y Feb 18, 2016

Checks for redirection different from a browser user-agent, followed by a check for difference in response code. Shows the response code of browser user agent and all the ones where there was a change.
Also added XML output.
https://github.com/h4ck3rk3y/nmap-exp-gyani/blob/master/scripts/http-useragent-tester.nse

/cc @dmiller-nmap

h4ck3rk3y commented Feb 18, 2016

Checks for redirection different from a browser user-agent, followed by a check for difference in response code. Shows the response code of browser user agent and all the ones where there was a change.
Also added XML output.
https://github.com/h4ck3rk3y/nmap-exp-gyani/blob/master/scripts/http-useragent-tester.nse

/cc @dmiller-nmap

@nmap-bot nmap-bot closed this in 219154d Jun 15, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment