Here is a new fingerprint for hmap:
* mbedthis-appweb-2.4.0.juniper-srx100 (see attached file)
This is an AppWeb embeddable web server from Mbedthis, running on
a Juniper SRX100 gateway.
It shows quite a lot of NO_RESPONSE_CODE for malformed requests. As
far as I can find this is because the web server returns responses in
the following format. For MALFORMED_000:

    GET

it returns:

    UnknownMethod 400 Bad Request
    Server: Mbedthis-Appweb/2.4.0

... etc. followed by an Error 400 HTML message.

When the request is, say, 'GET / HTTP/Q.Q' (MALFORMED_010), the response
is also

    HTTP/Q.Q 400 Bad Request

That is, it just echoes the HTTP-Version right back. HMAP requires a correct
HTTP-Version to identify a status code, and so doesn't recognize these.

An idea for handling this is to make hmap parse responses as three
space-separated fields, and then check the second field for a legal status code.
For more detailed profiling it would be possible to check the first and third
fields against protocol or standard reasons, and register deviations, but that
would need special handling to allow existing hmap fingerprints to be used.

best wishes,
--
Anders Thulin anders.thu...@sentor.se 070-757 36 10 / Intl. +46 70 757 36 10

{'LEXICAL': {'200': 'OK',
'301': 'Moved Permanently',
'400': 'Bad Request',
'404': 'Not Found',
'413': 'Request Entity Too Large',
'503': 'Service Unavailable',
'SERVER_NAME': 'Mbedthis-Appweb/2.4.0'},
'SEMANTIC': {'LARGE_HEADER_RANGES': [(1, '200'),
(4080, '200'),
(4081, '400'),
(10000, '400')],
'LONG_DEFAULT_RANGES': [(1, '200'),
(4081, '200'),
(4082, 'NO_RESPONSE_CODE'),
(10000, 'NO_RESPONSE_CODE')],
'LONG_URL_RANGES': [(1, '404'),
(4080, '404'),
(4081, 'NO_RESPONSE_CODE'),
(10000, 'NO_RESPONSE_CODE')],
'MALFORMED_000': 'NO_RESPONSE_CODE',
'MALFORMED_001': 'NO_RESPONSE_CODE',
'MALFORMED_002': 'NO_RESPONSE_CODE',
'MALFORMED_003': 'NO_RESPONSE_CODE',
'MALFORMED_004': 'NO_RESPONSE_CODE',
'MALFORMED_005': 'NO_RESPONSE_CODE',
'MALFORMED_006': 'NO_RESPONSE_CODE',
'MALFORMED_007': 'NO_RESPONSE_CODE',
'MALFORMED_008': 'NO_RESPONSE_CODE',
'MALFORMED_009': 'NO_RESPONSE_CODE',
'MALFORMED_010': 'NO_RESPONSE_CODE',
'MALFORMED_011': 'NO_RESPONSE_CODE',
'MALFORMED_012': 'NO_RESPONSE_CODE',
'MALFORMED_013': 'NO_RESPONSE_CODE',
'MALFORMED_014': 'NO_RESPONSE_CODE',
'MALFORMED_015': 'NO_RESPONSE_CODE',
'MALFORMED_016': 'NO_RESPONSE_CODE',
'MALFORMED_017': 'NO_RESPONSE_CODE',
'MALFORMED_018': 'NO_RESPONSE_CODE',
'MALFORMED_019': 'NO_RESPONSE_CODE',
'MALFORMED_020': 'NO_RESPONSE_CODE',
'MALFORMED_021': 'NO_RESPONSE_CODE',
'MALFORMED_022': 'NO_RESPONSE_CODE',
'MALFORMED_023': 'NO_RESPONSE_CODE',
'MALFORMED_024': 'NO_RESPONSE_CODE',
'MALFORMED_025': 'NO_RESPONSE_CODE',
'MALFORMED_026': 'NO_RESPONSE_CODE',
'MALFORMED_027': '404',
'MALFORMED_028': '200',
'MALFORMED_029': '200',
'MALFORMED_030': '200',
'MALFORMED_031': '200',
'MALFORMED_032': '301',
'MALFORMED_033': '301',
'MALFORMED_034': '301',
'MALFORMED_035': '301',
'MALFORMED_036': '200',
'MALFORMED_037': '404',
'MALFORMED_038': 'NO_RESPONSE_CODE',
'MALFORMED_039': '200',
'MALFORMED_040': 'NO_RESPONSE_CODE',
'MALFORMED_041': '200',
'MALFORMED_042': 'NO_RESPONSE_CODE',
'MALFORMED_043': '404',
'MALFORMED_044': 'NO_RESPONSE_CODE',
'MALFORMED_045': '404',
'MALFORMED_046': '404',
'MALFORMED_047': '404',
'MALFORMED_048': '404',
'MALFORMED_049': '404',
'MALFORMED_050': '404',
'MALFORMED_051': 'NO_RESPONSE_CODE',
'MALFORMED_052': 'NO_RESPONSE_CODE',
'MALFORMED_053': 'NO_RESPONSE_CODE',
'MALFORMED_054': 'NO_RESPONSE_CODE',
'MALFORMED_055': '200',
'MALFORMED_056': 'NO_RESPONSE_CODE',
'MALFORMED_057': '200',
'MALFORMED_058': '200',
'MALFORMED_059': '200',
'MALFORMED_060': '200',
'MALFORMED_061': '200',
'MALFORMED_062': 'NO_RESPONSE_CODE',
'MALFORMED_063': 'NO_RESPONSE_CODE',
'MALFORMED_064': 'NO_RESPONSE_CODE',
'MALFORMED_065': 'NO_RESPONSE_CODE',
'MALFORMED_066': 'NO_RESPONSE_CODE',
'MALFORMED_067': '200',
'MALFORMED_068': 'NO_RESPONSE_CODE',
'MALFORMED_069': 'NO_RESPONSE_CODE',
'MALFORMED_070': 'NO_RESPONSE_CODE',
'MALFORMED_071': 'NO_RESPONSE_CODE',
'MALFORMED_072': 'NO_RESPONSE_CODE',
'MALFORMED_073': 'NO_RESPONSE_CODE',
'MALFORMED_074': '200',
'MALFORMED_075': 'NO_RESPONSE_CODE',
'MALFORMED_076': 'NO_RESPONSE_CODE',
'MALFORMED_077': '301',
'MALFORMED_078': '404',
'MALFORMED_079': 'NO_RESPONSE_CODE',
'MALFORMED_080': '200',
'MALFORMED_081': 'NO_RESPONSE_CODE',
'MALFORMED_082': 'NO_RESPONSE_CODE',
'MALFORMED_083': 'NO_RESPONSE_CODE',
'MALFORMED_084': 'NO_RESPONSE_CODE',
'MALFORMED_085': '404',
'MALFORMED_086': '200',
'MALFORMED_087': 'NO_RESPONSE_CODE',
'MALFORMED_088': 'NO_RESPONSE_CODE',
'MALFORMED_089': '404',
'MALFORMED_090': '404',
'MALFORMED_091': 'NO_RESPONSE_CODE',
'MALFORMED_092': 'NO_RESPONSE_CODE',
'MALFORMED_093': '404',
'MALFORMED_094': '404',
'MALFORMED_095': 'NO_RESPONSE_CODE',
'MALFORMED_096': 'NO_RESPONSE_CODE',
'MALFORMED_097': '404',
'MALFORMED_098': '404',
'MALFORMED_099': '404',
'MALFORMED_100': 'NO_RESPONSE_CODE',
'MALFORMED_101': 'NO_RESPONSE_CODE',
'MALFORMED_102': 'NO_RESPONSE_CODE',
'MALFORMED_103': 'NO_RESPONSE_CODE',
'MALFORMED_104': 'NO_RESPONSE_CODE',
'MANY_HEADER_RANGES': [(1, '200'),
(8206, '200'),
(8207, '503'),
(10000, '503')]},
'SYNTACTIC': {'ALLOW_ORDER': 'OPTIONS,TRACE,GET,HEAD,POST',
'ETag': '"27104-38da-64d480"',
'HEADER_ORDER': [['Server',
'Date',
'Connection',
'Content-Type',
'Content-length'],
['Date',
'Server',
'Content-type',
'Content-length',
'Connection',
'Location'],
['Date',
'Server',
'Content-type',
'ETag',
'Content-length',
'Connection',
'Allow'],
['Date',
'Server',
'Cache-Control',
'Content-type',
'ETag',
'Content-length',
'Connection',
'X-Powered-By',
'Expires']]}}
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
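
The parsing idea proposed in the message, sketched as an added example (not hmap's code and not part of the original post): the status line is split into three space-separated fields, the second field decides the status code, and deviations in the first and third fields are recorded separately so the code stays comparable with existing fingerprints. The function names and the strict regex standing in for a version-checking parser are assumptions.

```python
import re
from http import HTTPStatus

# Stand-in for a parser that insists on a valid HTTP-Version (assumption,
# not hmap's actual expression).
STRICT = re.compile(r"^HTTP/\d+\.\d+ (\d{3})(?: |$)")
VERSION = re.compile(r"^HTTP/\d+\.\d+$")
STANDARD_REASONS = {str(s.value): s.phrase for s in HTTPStatus}


def strict_status(line):
    """Status code only when the line starts with a valid HTTP-Version."""
    m = STRICT.match(line)
    return m.group(1) if m else "NO_RESPONSE_CODE"


def lenient_status(line):
    """Split into three space-separated fields; judge the code by field two.

    Returns (code, deviations). Deviations record a non-standard first or
    third field separately, so the code itself stays comparable with
    fingerprints that only store the status code.
    """
    fields = line.rstrip("\r\n").split(" ", 2)
    if len(fields) < 2 or not re.fullmatch(r"[1-5]\d\d", fields[1]):
        return "NO_RESPONSE_CODE", []
    code = fields[1]
    reason = fields[2] if len(fields) == 3 else ""
    deviations = []
    if not VERSION.match(fields[0]):
        deviations.append(("version", fields[0]))
    if STANDARD_REASONS.get(code) != reason:
        deviations.append(("reason", reason))
    return code, deviations


# The two status lines quoted in the message, plus one well-formed line
# (constructed) for comparison.
SAMPLES = [
    "UnknownMethod 400 Bad Request",
    "HTTP/Q.Q 400 Bad Request",
    "HTTP/1.1 200 OK",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(repr(line), strict_status(line), lenient_status(line))
```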