1.79b: Improvement to directory listing detector.
parent
44d86a63b6
commit
ffee2aec54
|
@ -1,3 +1,8 @@
|
||||||
|
Version 1.79b:
|
||||||
|
--------------
|
||||||
|
|
||||||
|
- Improvement to directory listing detector.
|
||||||
|
|
||||||
Version 1.78b:
|
Version 1.78b:
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
|
|
2
Makefile
2
Makefile
|
@ -20,7 +20,7 @@
|
||||||
#
|
#
|
||||||
|
|
||||||
PROGNAME = skipfish
|
PROGNAME = skipfish
|
||||||
VERSION = 1.78b
|
VERSION = 1.79b
|
||||||
|
|
||||||
OBJFILES = http_client.c database.c crawler.c analysis.c report.c
|
OBJFILES = http_client.c database.c crawler.c analysis.c report.c
|
||||||
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
|
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
|
||||||
|
|
|
@ -1209,7 +1209,7 @@ static u8 is_javascript(struct http_response* res) {
|
||||||
|
|
||||||
/* Illegal identifier, or too many whitespaces? Bail out. */
|
/* Illegal identifier, or too many whitespaces? Bail out. */
|
||||||
|
|
||||||
if (!isalnum(*text) && (!strchr(" \t\r\n_.", *text) ||
|
if (!isalnum(*text) && (!strchr(" \t\r\n_.$", *text) ||
|
||||||
(white_cnt++) > MAX_JS_WHITE)) {
|
(white_cnt++) > MAX_JS_WHITE)) {
|
||||||
res->js_type = 1;
|
res->js_type = 1;
|
||||||
return 0;
|
return 0;
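Review bot: In the bail-out test of is_javascript(), every non-alphanumeric character that matches the `strchr()` set also evaluates `(white_cnt++) > MAX_JS_WHITE`. That set now includes `$` alongside `_` and `.`, so identifier punctuation is counted against a limit the comment describes as "too many whitespaces". Input with many `$`, `_` or `.` characters in its leading identifiers may therefore reach the bail-out and get `js_type = 1` sooner than the comment suggests; how soon depends on MAX_JS_WHITE, which is defined outside the hunk. Either reword the comment to `/* Illegal identifier character, or too many separators ('$', '_', '.' and whitespace all count)? Bail out. */`, or count only real whitespace with `(strchr(" \t\r\n", *text) && (white_cnt++) > MAX_JS_WHITE)`. The function body starts and ends outside this hunk, so the loop that advances `text` is not visible here.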
|
||||||
|
|
|
@ -651,7 +651,8 @@ static u8 inject_check1_callback(struct http_request* req,
|
||||||
|
|
||||||
if (orig_state == PSTATE_CHILD_INJECT) {
|
if (orig_state == PSTATE_CHILD_INJECT) {
|
||||||
|
|
||||||
if (!same_page(&MRES(0)->sig, &RPRES(req)->sig) &&
|
if (MRES(0)->code < 300 &&
|
||||||
|
!same_page(&MRES(0)->sig, &RPRES(req)->sig) &&
|
||||||
!same_page(&MRES(0)->sig, &MRES(1)->sig)) {
|
!same_page(&MRES(0)->sig, &MRES(1)->sig)) {
|
||||||
problem(PROB_DIR_LIST, MREQ(0), MRES(0),
|
problem(PROB_DIR_LIST, MREQ(0), MRES(0),
|
||||||
(u8*)"unique response for /./",
|
(u8*)"unique response for /./",
|
||||||
|
@ -663,7 +664,8 @@ static u8 inject_check1_callback(struct http_request* req,
|
||||||
RESP_CHECKS(RPREQ(req), MRES(0));
|
RESP_CHECKS(RPREQ(req), MRES(0));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!same_page(&MRES(2)->sig, &RPRES(req)->sig) &&
|
if (MRES(2)->code < 300 &&
|
||||||
|
!same_page(&MRES(2)->sig, &RPRES(req)->sig) &&
|
||||||
!same_page(&MRES(2)->sig, &MRES(3)->sig)) {
|
!same_page(&MRES(2)->sig, &MRES(3)->sig)) {
|
||||||
problem(PROB_DIR_LIST, MREQ(2), MRES(2),
|
problem(PROB_DIR_LIST, MREQ(2), MRES(2),
|
||||||
(u8*)"unique response for \\.\\",
|
(u8*)"unique response for \\.\\",
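Review bot: The new `MRES(0)->code < 300` guard, and the matching `MRES(2)->code < 300` in the second hunk, has no lower bound. Any response with a code below 200 still qualifies for PROB_DIR_LIST; that covers 1xx, and also 0 if that is how a failed or missing response is recorded, which these hunks do not show. If only successful responses should be reported, `MRES(0)->code >= 200 && MRES(0)->code < 300` says so directly, and likewise for `MRES(2)`. The reason for the guard is also undocumented; presumably redirects and error pages for `/./` and `\.\` differ from the parent page without being listings. A comment above each test, such as `/* Only a successful response can be a listing; 3xx/4xx/5xx pages are unique too. */`, would record that. inject_check1_callback starts and ends outside both hunks.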
|
||||||
|
|