Closed eLvErDe closed 4 months ago
Thanks, I never thought about this and didn't think about the possibility to have different setting for different names. But you are right it could be possible.
I'll try to integrate the fix (maybe with a check on the nmap version to see if the option is there)
Seems that nmap doesn't care if a script-arg does not exist (no errors or warnings)
Describe the bug
If using SNI routing (yes this is possible), it is expected to have different SSL responses for the same IP address if provided server name is different.
However, this option is not propagated to NMAP when checking ciphers, leading to incorrect report.
To Reproduce
Not really reproducible unless you have such stup, but I can perform the test for your
Expected behavior
NMAP implemented proper option since release Nmap 7.40 [2016-12-20]:
Quick and dirty fix (on old version):
System (please complete the following information):
Not relevant