silverstream_dirlisting.nasl

来自「漏洞扫描源码,可以扫描linux,windows,交换机路由器」· NASL 代码 · 共 73 行

NASL

73 行

## This script was written by Tor Houghton, but I looked at "htdig" by # Renaud Deraison <deraison@cvs.nessus.org>## modifications by rd:#	- pattern read is different#	- request /SilverStream not /SilverStream/Pages## Script audit and contributions from Carmichael Security <http://www.carmichaelsecurity.com>#      Erik Anderson <eanders@carmichaelsecurity.com>#      Added links to the Bugtraq message archive## See the Nessus Scripts License for details#if(description){ script_id(10846); script_version ("$Revision: 38 $"); #script_cve_id("CVE-XXXX-YYYY"); name["english"] = "SilverStream directory listing"; script_name(english:name["english"]);  desc["english"] = "SilverStream directory listings are enabled.An attacker may use this problem to gain more knowledgeon this server and possibly to get files you would wantto hide.Risk factor : MediumReference : http://online.securityfocus.com/archive/101/144786Solution : Reconfigure the server so that otherscannot view directory listings"; script_description(english:desc["english"]);  summary["english"] = "Checks if SilverStream directory listings are disabled.";  script_summary(english:summary["english"]);  script_category(ACT_GATHER_INFO);  script_copyright(english:"This script is Copyright (C) 2002 Tor Houghton"); family["english"] = "CGI abuses"; script_family(english:family["english"]); script_dependencie("http_version.nasl");  script_require_ports("Services/www", 80); exit(0);}## The script code starts here#include("http_func.inc");include("http_keepalive.inc");port = get_http_port(default:80);if(get_port_state(port)) {     buf = string("/SilverStream");     buf = http_get(item:buf, port:port);     rep = http_keepalive_send_recv(port:port, data:buf);     if ( ! rep ) exit(0);     lookfor = "<html><head><title>.*SilverStream.*</title>";            if((egrep(pattern:lookfor, string:rep)) && ("/Pages" >< rep))         security_warning(port);}

silverstream_dirlisting.nasl - 源码说明

本页面展示了「漏洞扫描源码,可以扫描linux,windows,交换机路由器」中的 silverstream_dirlisting.nasl 源码文件，采用 NASL 编程语言编写，共 73 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与windows相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?