Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

http-useragent-tester should check for 403 Forbidden, not just redirects #141

Closed
dmiller-nmap opened this issue May 28, 2015 · 1 comment

Comments

@dmiller-nmap
Copy link

http-useragent-tester is supposed to check for allowed and forbidden user agents, but it only handles sites that redirect forbidden agents elsewhere. The site could just as easily return a 403 Forbidden status code. Maybe the script should report any differences in HTTP status code, only using the redirect check when the normal response is also a redirect.

@dmiller-nmap dmiller-nmap changed the title http-useragent-checker should check for 403 Forbidden, not just redirects http-useragent-tester should check for 403 Forbidden, not just redirects May 28, 2015
@h4ck3rk3y
Copy link

Checks for redirection different from a browser user-agent, followed by a check for difference in response code. Shows the response code of browser user agent and all the ones where there was a change.
Also added XML output.
https://github.com/h4ck3rk3y/nmap-exp-gyani/blob/master/scripts/http-useragent-tester.nse

/cc @dmiller-nmap

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants