Context Navigation

Changeset 284

Timestamp:

01/27/2010 05:28:56 AM (3 years ago)

Author:

sullo

Message:

Fix perl warnings

Location:

trunk/plugins

Files:

-                      r268
+                      r284
    my @POSSIBLECGI=();
    my @CFGCGI=(split(/ /,$VARIABLES{"\@CGIDIRS"}));
    my ($res, $possiblecgidir, $found) ="";
+   my ($res, $content, $possiblecgidir, $found) ="";
    if (defined $CLI{'forcecgi'} && $CLI{'forcecgi'} eq "all")                       # all possible CGI dirs to be "true"
 …
       foreach $possiblecgidir (@CFGCGI)
+      {
          ($res, $CONTENT)=nfetch($mark,$possiblecgidir,"GET");
+         ($res, $content)=nfetch($mark,$possiblecgidir,"GET");
          nprint("Checked for CGI dir\t$possiblecgidir\tgot:$res","d");
          if (content_present($res) eq TRUE)

r277	r284
67	67	my $dir=$_;
68	68	if (($ctr % 100) == 0) { nprint("- Directory enumeration guess $ctr ($dir): /$dir/", "v"); }
69		~~(my~~ $result, $content) = nfetch($mark,"/$dir/", "HEAD");
	69	my ($result, $content) = nfetch($mark,"/$dir/", "HEAD");
70	70	foreach my $found (split(/ /, $VARIABLES{"\@HTTPFOUND"}))
71	71	{

r240	r284
64	64	$model =~ s/\+/ /g;
65	65
66		if (model ne "")
	66	if ($model ne "")
67	67	{
68	68	add_vulnerability($mark, "$item->{message} $model",$item->{nikto_id}, 0, "GET", $item->{uri});

-                      r269
+                      r284
+   {
       (my $res, $content) = nfetch($mark,$f, "GET", "", \%headers);
       if (defined $headers{x-powered-by}) { $xpb{ $headers{x-powered-by} } = 1; }
+      if (defined $headers{'x-powered-by'}) { $xpb{ $headers{'x-powered-by'} } = 1; }
+   }
 …
       if ($res eq "200")
+      {
          $transheaders{Translate}="f";
+         $transheaders{'Translate'}="f";
          ($res, $content) = nfetch($mark,$f . "\\", "GET", "", \%transheaders);
          if ($res eq "200")
 …
    #######################################################################
    # Servlet-Engine info
    if (defined $headers{servlet-engine})
+   {
       my $x = $headers{servlet-engine};
+   if (defined $headers{'servlet-engine'})
+   {
+      my $x = $headers{'servlet-engine'};
       $x = ~s/\(.*$//;
       $x =~ s/\s+//g;
 …
    # Now we have a header, let's check ETag for inode
    if (defined $headers{etag})
+   {
       my $etag=$headers{etag};
+   if (defined $headers{'etag'})
+   {
+      my $etag=$headers{'etag'};
       $etag =~ s/"//g;
       my @fields = split("-",$etag);

-                      r240
+                      r284
+   }
    # IIS PROPFIND HEADER
    my %headers=(
+   %headers=(
       "Host" => "",
       "Content-Length" => "0",
 …
    # Special checks for TRACE/TRACK to see whether its vulnerable
    my %headers=(
+   %headers=(
       "Host" => "Nikto",
    );

-                      r283
+                      r284
+   {
       if (($ctr % 500) eq 0) { nprint("- User enumeration guess $ctr ($text)", "v"); }
       (my $result, $content) = nfetch($mark, $url . $text, "HEAD");
+      ($result, $content) = nfetch($mark, $url . $text, "HEAD");
       my $user = nikto_user_enum_apache_check($result, $text);
       if (defined $user)
 …
       if ($_ eq "" ) { next };
       if (($ctr % 500) == 0) { nprint("- User enumeration guess $ctr ($_)", "v"); }
       (my $result, $content) = nfetch($mark, $url . $_, "HEAD");
+      ($result, $content) = nfetch($mark, $url . $_, "HEAD");
       my $user = nikto_user_enum_apache_check($result, $_);
       if ($user)

Note: See TracChangeset for help on using the changeset viewer.