*** Chris wrote:
> recently I've stumbled over a problem in Nikto where some checks
> failed against a Webserver with BigIP F5 Load Balancers in front.
>
> After a short research I found this existing issue to Nikto:
>
> https://github.com/sullo/nikto/pull/202
>
> where a user had reported the same.
>
> It seems that some Load Balancers or WAFs are blocking requests with
> an added port in the Host header, even if this is RFC conform.
>
> To work around this in Nikto the ports in the Host header are now only added
> if they are not 80/443:
> https://github.com/sullo/nikto/commit/a884be7bf8d998eae119415250102d17684ee4db

A few weeks ago we changed "http_get()" to exactly behave like this.

> This probably also affects all OpenVAS NVT having an:
>
> "Host: ", host, ":", port, "\r\n",
>
> in the request. Currently these are about 120:
>
> grep -R "Host:" /usr/src/openvas-nvts/scripts/ | grep port | wc -l
>
> Is this something which can be handled in OpenVAS or those NVTs?

Sure...just add something like...

  host = get_host_name();
  if( port != 80 && port != 443 )
    host += ':' + port;

and change

  "Host: ", host, ":", port, "\r\n",

to

  "Host: ", host, "\r\n",

but this is some (hand-)work. Any volunteers? :)

Micha

-- 
Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6
http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
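
An added example, not part of the original message or of the OpenVAS code: a Python audit helper that locates the request fragment quoted in the thread more precisely than the grep count and proposes the replacement line from the reply. The regexes, the function name `audit` and the sample NASL snippet are constructed for illustration.

```python
import re

# The fragment quoted in the thread, tolerating spacing and quote style:
#   "Host: ", <host expr>, ":", <port variable>, "\r\n"
HOST_PORT = re.compile(r'''
    (?P<q>["'])Host:\s*(?P=q)\s*,\s*   # "Host: ",
    (?P<host>[^,]+?)\s*,\s*            # host expression
    ["']:["']\s*,\s*                   # ":",
    (?P<port>[A-Za-z_]\w*)\s*,\s*      # port variable
    (?P<eol>["']\\r\\n["'])            # "\r\n"
''', re.VERBOSE)

# The conditional port append suggested in the reply.
GUARD = re.compile(r'port\s*!=\s*80\s*&&\s*port\s*!=\s*443')

def audit(source):
    """Return (line_no, old, proposed, needs_guard) for each hit in one script.

    needs_guard is True when the script does not yet contain the
    "port != 80 && port != 443" check, i.e. the proposed line must not be
    applied before the host variable is prepared by hand.
    """
    needs_guard = GUARD.search(source) is None
    findings = []
    for m in HOST_PORT.finditer(source):
        line_no = source.count("\n", 0, m.start()) + 1
        proposed = '"Host: ", %s, %s' % (m.group("host"), m.group("eol"))
        findings.append((line_no, m.group(0), proposed, needs_guard))
    return findings

# Constructed sample NVT fragment (not taken from a real plugin).
SAMPLE = r'''
port = get_http_port( default:8080 );
host = get_host_name();
req = string( "GET /index.html HTTP/1.1\r\n",
              "Host: ", host, ":", port, "\r\n",
              "Connection: close\r\n\r\n" );
'''

if __name__ == "__main__":
    for line_no, old, new, needs_guard in audit(SAMPLE):
        print("line %d: %s" % (line_no, old))
        print("     -> %s" % new)
        if needs_guard:
            print("     !! add the port != 80 && port != 443 check first")
```
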
