CERBERUS/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-05-13 08:46:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix /author/.../feed/ capture in http-wordpress-users.nse.

Browse source 
Patch by Duarte.
https://seclists.org/nmap-dev/2019/q3/17

The regular expression for the case when the server returns a 200 HTTP
status is too open, it needs to be more specific.

When there is a link similar to the feed link that occurs before the
feed link, the expression will include everything between that initial
link and the feed link.

To fix this, the group that matches/captures the author username will
only do so until it finds a forward slash.
This commit is contained in:
david 2019-08-22 23:08:31 +00:00
parent 862054bf5d
commit 8712cbf9a2
2 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
CHANGELOG
View file

@ -13,6 +13,9 @@ o [NSE][GH#1665] The HTTP library no longer crashes when code requests digest
authentication but the server does not provide the necessary authentication
header. [nnposter]
o [NSE] Fixed a bug in http-wordpress-users.nse that could cause
extraneous output to be captured as part of a username. [Duarte Silva]
Nmap 7.80 [2019-08-10]
o [Windows] The Npcap Windows packet capturing library (https://npcap.org/)