Sunday, May 14, 2006

HTTP Request

Web servers support different kinds of HTTP request methods, depending on their implementation and configuration. The OpenBSD team's recent decision to turn off the TRACE method in their Apache distribution to protect against XSS is considered a right move, since the method is not much in use and renders the server vulnerable to attack.

If you are a heavy curl user, you may already know that curl allows you to set a custom HTTP request method with the -X switch. However, I have recently come across this tool called metoscan that allows you to check which HTTP request methods are enabled and supported by the web server. It is considered a nifty tool to initiate a pentest against a web server. You may find other HTTP-related tools as well from here.

I downloaded metoscan and started compiling with gcc -o bla bla bla. To scan the web server, one just needs to run it with the target URL provided. For example,

shell>./metoscan 1.2.3.4

MetoScan - Simple HTTP Method Scanner

Method: GET => 302 (MOVED TEMPORARILY)
Method: POST => 500 (INTERNAL SERVER ERROR)
Method: HEAD => 302 (MOVED TEMPORARILY)
Method: PUT => 302 (MOVED TEMPORARILY)
Method: TRACE => 200 (OK)
Method: TRACK => 302 (MOVED TEMPORARILY)
Method: SEARCH => 302 (MOVED TEMPORARILY)
Method: INDEX => 302 (MOVED TEMPORARILY)
Method: OPTIONS => 302 (MOVED TEMPORARILY)
Method: DELETE => 302 (MOVED TEMPORARILY)
Method: CONNECT => 400 (BAD REQUEST)
Method: PATCH => 302 (MOVED TEMPORARILY)
Method: PROPFIND => 302 (MOVED TEMPORARILY)
Method: PROPPATCH => 302 (MOVED TEMPORARILY)
Method: MKCOL => 302 (MOVED TEMPORARILY)
Method: COPY => 302 (MOVED TEMPORARILY)
Method: MOVE => 302 (MOVED TEMPORARILY)
Method: LOCK => 302 (MOVED TEMPORARILY)
Method: UNLOCK => 302 (MOVED TEMPORARILY)
Method: CHECKOUT => 302 (MOVED TEMPORARILY)
Method: SHOWMETHOD => 302 (MOVED TEMPORARILY)
Method: LINK => 302 (MOVED TEMPORARILY)
Method: UNLINK => 302 (MOVED TEMPORARILY)
Method: CHECKIN => 302 (MOVED TEMPORARILY)
Method: TEXTSEARCH => 302 (MOVED TEMPORARILY)
Method: SPACEJUMP => 302 (MOVED TEMPORARILY)
Method: ORDERPATCH => 302 (MOVED TEMPORARILY)
Method: ACL => 302 (MOVED TEMPORARILY)
Method: VERSION-CONTROL => 302 (MOVED TEMPORARILY)
Method: REPORT => 302 (MOVED TEMPORARILY)
Method: UNCHECKOUT => 302 (MOVED TEMPORARILY)

If you understand HTTP status codes, you may better understand the output. I have previously mentioned the importance of understanding HTTP status codes, and now it helps me to interpret the result easily.
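One way to read this output mechanically, as an added example that is not part of the original post or of metoscan: it parses the `Method: X => NNN` lines, treats the most common status as the server's default answer, and reports only the methods that deviate from it. The baseline heuristic and the names `parse` and `triage` are assumptions; `SAMPLE` is a constructed subset of the output above.

```python
import re
from collections import Counter

# Constructed sample: a subset of the metoscan output shown above.
SAMPLE = """\
Method: GET => 302 (MOVED TEMPORARILY)
Method: POST => 500 (INTERNAL SERVER ERROR)
Method: HEAD => 302 (MOVED TEMPORARILY)
Method: PUT => 302 (MOVED TEMPORARILY)
Method: TRACE => 200 (OK)
Method: TRACK => 302 (MOVED TEMPORARILY)
Method: OPTIONS => 302 (MOVED TEMPORARILY)
Method: DELETE => 302 (MOVED TEMPORARILY)
Method: CONNECT => 400 (BAD REQUEST)
"""

LINE = re.compile(r"^Method:\s+(\S+)\s+=>\s+(\d{3})\b")

def parse(output):
    """Return {method: status_code} from metoscan-style lines; other lines are skipped."""
    results = {}
    for line in output.splitlines():
        m = LINE.match(line.strip())
        if m:
            results[m.group(1)] = int(m.group(2))
    return results

def triage(results):
    """Return (baseline status, methods deviating from it, TRACE/TRACK answered with 2xx)."""
    if not results:
        return None, {}, []
    # Assumption: the status returned for most methods is a blanket answer
    # (here a redirect) and does not show that each of those methods is supported.
    baseline = Counter(results.values()).most_common(1)[0][0]
    outliers = {m: c for m, c in results.items() if c != baseline}
    # A 2xx reply to TRACE or TRACK means the server accepted the request,
    # which is the case the post's XSS concern is about.
    accepted = sorted(m for m in ("TRACE", "TRACK") if 200 <= results.get(m, 0) < 300)
    return baseline, outliers, accepted

if __name__ == "__main__":
    baseline, outliers, accepted = triage(parse(SAMPLE))
    print(f"baseline status: {baseline}")
    for method, code in sorted(outliers.items()):
        print(f"deviates from baseline: {method} => {code}")
    print("accepted, candidates to disable:", ", ".join(accepted) or "none")
```

On the scan above this leaves three lines worth reading (POST, TRACE, CONNECT) instead of thirty-one.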

Enough for now, it's Saturday nite here :P

I should go out to get some b33r5,

Ch33r5 :]
