HTTP default port simplification #781
I have identified a number of scripts that could benefit from the same code abstraction. @dmiller-nmap Do you have any concerns over moving |
Here is the subsequent patch that moves the function to
--- a/nselib/data/http-default-accounts-fingerprints.lua
+++ b/nselib/data/http-default-accounts-fingerprints.lua
@@ -155,10 +155,8 @@
local parts = tcopy(parsed or {})
parts.host = parts.host or stdnse.get_hostname(host, port)
parts.scheme = parts.scheme or shortport.ssl(host, port) and "https" or "http"
- local pn = parts.port or tostring(port.number)
- if not (parts.scheme == "http" and pn == "80"
- or parts.scheme == "https" and pn == "443") then
- parts.port = pn
+ if not parts.port and port.number ~= url.get_default_port(parts.scheme) then
+ parts.port = tostring(port.number)
end
return parts
end
--- a/nselib/http.lua
+++ b/nselib/http.lua
@@ -158,10 +158,9 @@
end
--- Provide the default port for a given scheme.
-local function get_default_port (scheme)
- local ports = {http=80, https=443}
- return ports[scheme]
-end
+-- The localization is necessary because functions in http.lua like to use
+-- "url" as a local parameter
+local get_default_port = url.get_default_port
--- Get a value suitable for the Host header field.
-- See RFC 2616 sections 14.23 and 5.2.
--- a/nselib/url.lua
+++ b/nselib/url.lua
@@ -373,4 +373,16 @@
return table.concat(qstr, '&')
end
+---
+-- Provides the default port for a given URI scheme.
+--
+-- @param scheme for determining the port, such as "http" or "https".
+-- @return A port number as an integer, such as 443 for scheme "https",
+-- or nil in case of an undefined scheme
+-----------------------------------------------------------------------------
+function get_default_port (scheme)
+ local ports = {http=80, https=443}
+ return ports[(scheme or ""):lower()]
+end
+
return _ENV;
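Review bot: `get_default_port` rebuilds the `ports` table on every call, and the callers touched by this patch invoke it once per parsed link. Hoisting the table to a module-level `local DEFAULT_PORTS = {http=80, https=443}` and returning `DEFAULT_PORTS[(scheme or ""):lower()]` avoids the repeated allocation. Separately, `(scheme or ""):lower()` guards only against nil: a non-string scheme such as a number would raise rather than return nil, so the `@param` line should say that a string or nil is expected.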
--- a/nselib/httpspider.lua
+++ b/nselib/httpspider.lua
@@ -233,9 +233,7 @@
base_href = base_href .. '/'
end
- if ( ( base_url:getProto() == 'https' and base_url:getPort() == 443 ) or
- ( base_url:getProto() == 'http' and base_url:getPort() == 80 ) ) then
-
+ if base_url:getPort() == url.get_default_port(base_url:getProto()) then
if ( leading_slash ) then
return ("%s://%s/%s"):format(base_url:getProto(), base_url:getHost(), rel_url)
else
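Review bot: The new test `base_url:getPort() == url.get_default_port(base_url:getProto())` is also true when both sides are nil, which the old explicit https/443 and http/80 comparisons never were. The URL parser in the next hunk sets proto and port only when its pattern matches, so if an unparsed `base_url` can reach this point, the default-port branch would now build a URL from nil parts where the old code took the else branch. Consider `local dport = url.get_default_port(base_url:getProto())` followed by `if dport and base_url:getPort() == dport then`. The enclosing function starts and ends outside the hunk, so whether `base_url` is validated earlier cannot be confirmed from here.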
@@ -427,14 +425,7 @@
self.proto, self.host, self.port, self.file = self.raw:match("^(http[s]?)://([^:/]*)[:]?(%d*)")
if ( self.proto and self.host ) then
self.file = self.raw:match("^http[s]?://[^:/]*[:]?%d*(/[^#]*)") or '/'
- self.port = tonumber(self.port)
- if ( not(self.port) ) then
- if ( self.proto:match("https") ) then
- self.port = 443
- elseif ( self.proto:match("http")) then
- self.port = 80
- end
- end
+ self.port = tonumber(self.port) or url.get_default_port(self.proto)
self.path = self.file:match("^([^?]*)[%?]?")
self.dir = self.path:match("^(.+%/)") or "/"
--- a/scripts/http-backup-finder.nse
+++ b/scripts/http-backup-finder.nse
@@ -122,13 +122,8 @@
if ( parsed.path:match(".*%.*.$") ) then
-- iterate over possible backup files
for link in backupNames(parsed.path) do
- local host, port = parsed.host, parsed.port
-
- -- if no port was found, try to deduce it from the scheme
- if ( not(port) ) then
- port = (parsed.scheme == 'https') and 443
- port = port or ((parsed.scheme == 'http') and 80)
- end
+ local host = parsed.host
+ local port = parsed.port or url.get_default_port(parsed.scheme)
-- the url.escape doesn't work here as it encodes / to %2F
-- which results in 400 bad request, so we simple do a space
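Review bot: `port` is still unchecked after `local port = parsed.port or url.get_default_port(parsed.scheme)`: it is nil whenever the link carries no port and its scheme is neither http nor https, because `url.get_default_port` returns nil for unknown schemes. The old code yielded `false` in that case, so this is not a regression, but the code that consumes `port` lies outside the hunk and nothing visible stops a request being attempted with no port. An explicit `if port then ... end` around the probe, or skipping the link when `port` is nil, would make the handling of non-HTTP links deliberate. The same pattern appears in the http-open-redirect, http-phpself-xss and http-unsafe-output-escaping hunks. It is also worth confirming whether `parsed.port` is a string, since the default is a number and callers would then see mixed types.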
--- a/scripts/http-favicon.nse
+++ b/scripts/http-favicon.nse
@@ -128,21 +128,17 @@
-- host, port, and path if the URL is relative. Return nil if the scheme is not
-- "http" or "https".
function parse_url_relative(u, host, port, path)
- local defaultport, scheme, abspath
+ local scheme, abspath
u = url.parse(u)
scheme = u.scheme or "http"
- if scheme == "http" then
- defaultport = 80
- elseif scheme == "https" then
- defaultport = 443
- else
+ if not (scheme == "http" or scheme == "https") then
return nil
end
abspath = u.path or ""
if not string.find(abspath, "^/") then
abspath = dirname(path) .. "/" .. abspath
end
- return u.host or host, u.port or defaultport, abspath
+ return u.host or host, u.port or url.get_default_port(scheme), abspath
end
function parseIcon( body )
--- a/scripts/http-open-redirect.nse
+++ b/scripts/http-open-redirect.nse
@@ -54,13 +54,7 @@
end
local function getHostPort(parsed)
- local host, port = parsed.host, parsed.port
- -- if no port was found, try to deduce it from the scheme
- if ( not(port) ) then
- port = (parsed.scheme == 'https') and 443
- port = port or ((parsed.scheme == 'http') and 80)
- end
- return host, port
+ return parsed.host, parsed.port or url.get_default_port(parsed.scheme)
end
local function isRedirect(status)
--- a/scripts/http-phpself-xss.nse
+++ b/scripts/http-phpself-xss.nse
@@ -143,12 +143,8 @@
--Only work with .php files
if ( parsed.path and parsed.path:match(".*.php") ) then
- --The following port/scheme code was seen in http-backup-finder and its neat =)
- local host, port = parsed.host, parsed.port
- if ( not(port) ) then
- port = (parsed.scheme == 'https') and 443
- port = port or ((parsed.scheme == 'http') and 80)
- end
+ local host = parsed.host
+ local port = parsed.port or url.get_default_port(parsed.scheme)
local escaped_link = parsed.path:gsub(" ", "%%20")
if launch_probe(host,port,escaped_link) then
table.insert(vulnpages, parsed.scheme..'://'..host..escaped_link..PHP_SELF_PROBE)
--- a/scripts/http-unsafe-output-escaping.nse
+++ b/scripts/http-unsafe-output-escaping.nse
@@ -49,14 +49,9 @@
local dbg = stdnse.debug2
local function getHostPort(parsed)
- local host, port = parsed.host, parsed.port
- -- if no port was found, try to deduce it from the scheme
- if ( not(port) ) then
- port = (parsed.scheme == 'https') and 443
- port = port or ((parsed.scheme == 'http') and 80)
- end
- return host, port
+ return parsed.host, parsed.port or url.get_default_port(parsed.scheme)
end
+
local function getReflected(parsed, r)
local reflected_values,not_reflected_values = {},{}
local count = 0 |
There are 3 or 4 separate places in http.lua where a scheme is translated into a default port, typically with code like this:
The following patch moves this code into a separate function, resulting in substantial code clarity.
(The patch assumes that #766 has been already merged in.)
Please let me know if you have any questions or concerns; otherwise I will commit the patch in a few weeks.