Hi,

while looking over recent Nessus changes, I noticed some things in
netscape_rev_proxy.nasl which I don't understand.

> if(res == NULL || "302" >!< res ) exit(0);
> myloc = strstr(res, string("Location: http://")) ;
Would this not break if location points to an HTTPS server? Also, the
"string()" seems unnecessary.

> myloc2 = strstr(res, string("/images"));
> url = strstr(myloc - myloc2, "http");
Could be written as: url = myloc - myloc2; because myloc is guaranteed
to start with "http" anyway.

Here's another potential code improvement: get the /24 prefix only once
instead of computing it 256 times. (To be honest, I assume that there is
no measurable speedup through this, but I think the code is easier to
understand that way).

include("http_func.inc");
include("http_keepalive.inc");

port = get_http_port(default:80);

# ereg() only returns TRUE/FALSE; ereg_replace() keeps the captured /24 prefix
prefix = ereg_replace(string:get_host_ip(), pattern:"^([0-9]+\.[0-9]+\.[0-9]+\.)[0-9]+$", replace:"\1");
for (i=1; i<256; i++) {
    # ask the proxy to fetch port 139 on each host of the local /24
    req = string("GET http://", prefix, i, ":139/ HTTP/1.0\r\n\r\n");
    rep = http_keepalive_send_recv(port:port, data:req);
    if ( "200 OK" >< rep ) {
        security_hole(port);
        exit(0);
    }
}

</nk>
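The two parsing points raised above (a Location match that only accepts "http://", and deriving the /24 prefix once) are illustrated here in Python as an added example; it is not part of the original message or of netscape_rev_proxy.nasl. The HTTP responses are constructed sample data, and the function names and the regular expression are assumptions of this example, not NASL functions.

```python
import ipaddress
import re

# Constructed sample responses (not captured from any real server).
RESP_HTTP = (
    "HTTP/1.0 302 Moved Temporarily\r\n"
    "Location: http://10.0.0.5/images/\r\n"
    "\r\n"
)
RESP_HTTPS = (
    "HTTP/1.0 302 Found\r\n"
    "Location: https://intranet.example/images/logo.gif\r\n"
    "\r\n"
)
RESP_OK = "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n<html>302</html>"

# Accepts http or https, any header-name case, and stops before the path,
# so there is no "/images" suffix left to subtract afterwards.
LOCATION_RE = re.compile(
    r"^Location:\s*(https?://[^/\r\n]+)", re.IGNORECASE | re.MULTILINE
)


def redirect_origin(response: str):
    """Return scheme://host[:port] from a 302 redirect, or None.

    The status code is read from the status line only, so a "302" that
    merely appears in the body (as in RESP_OK) is not mistaken for a
    redirect; the NASL check quoted above searches the whole response.
    """
    status_line = response.split("\r\n", 1)[0]
    if " 302 " not in status_line:
        return None
    m = LOCATION_RE.search(response)
    return m.group(1) if m else None


def slash24_prefix(ip: str) -> str:
    """Return the dotted /24 prefix of an IPv4 address, e.g. "10.0.0." for 10.0.0.5.

    Computed once from the network address rather than by regex on every
    iteration; ipaddress also rejects malformed input instead of silently
    yielding an empty prefix.
    """
    net = ipaddress.ip_network(f"{ip}/24", strict=False)
    first_three = str(net.network_address).rsplit(".", 1)[0]
    return first_three + "."


if __name__ == "__main__":
    for resp in (RESP_HTTP, RESP_HTTPS, RESP_OK):
        print(repr(resp.split("\r\n", 1)[0]), "->", redirect_origin(resp))
    print(slash24_prefix("192.0.2.77"))
```

Note that `redirect_origin` returns the origin (scheme and host) rather than the full URL, which is what the quoted script ends up with after subtracting the "/images" part; an https Location is handled the same way as an http one.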

_______________________________________________
Nessus mailing list
http://mail.nessus.org/mailman/listinfo/nessus