diff --git a/scripts/lltd-discovery.nse b/scripts/lltd-discovery.nse index 1c1aec1b3..8a354dd9e 100755 --- a/scripts/lltd-discovery.nse +++ b/scripts/lltd-discovery.nse @@ -1,5 +1,5 @@ description = [[ -This script uses the Microsoft LLTD protocol to discover hosts on a local network. +Uses the Microsoft LLTD protocol to discover hosts on a local network. For more information on the LLTD protocol please refer to http://www.microsoft.com/whdc/connect/Rally/LLTD-spec.mspx @@ -9,7 +9,7 @@ http://www.microsoft.com/whdc/connect/Rally/LLTD-spec.mspx -- @usage -- nmap -e --script lltd-discovery -- --- @arg interface, a string specifying which interface to do lltd discovery on +-- @arg interface, a string specifying which interface to do lltd discovery on. If not specified, all ethernet interfaces are tried. -- -- @output -- | lltd-discovery: diff --git a/scripts/smtp-vuln-cve2011-1764.nse b/scripts/smtp-vuln-cve2011-1764.nse index 81c9f0dde..6382f9224 100644 --- a/scripts/smtp-vuln-cve2011-1764.nse +++ b/scripts/smtp-vuln-cve2011-1764.nse @@ -1,5 +1,5 @@ description = [[ -Checks for a format string vulnerability in the Exim SMTP server (version 4.70 through 4.75) with DomainKeys Identified Mail (DKIM) support. The DKIM logging mechanism did not use format string specifiers when logging some parts of the DKIM-Signature header field. A remote attacker who is able to send emails, can exploit this vulnerability and execute arbitrary code with the privileges of the Exim daemon (CVE-2011-1764). +Checks for a format string vulnerability in the Exim SMTP server (version 4.70 through 4.75) with DomainKeys Identified Mail (DKIM) support (CVE-2011-1764). The DKIM logging mechanism did not use format string specifiers when logging some parts of the DKIM-Signature header field. A remote attacker who is able to send emails, can exploit this vulnerability and execute arbitrary code with the privileges of the Exim daemon. Reference: * http://bugs.exim.org/show_bug.cgi?id=1106 diff --git a/scripts/ssl-google-cert-catalog.nse b/scripts/ssl-google-cert-catalog.nse index eabf30ca5..d4395774f 100644 --- a/scripts/ssl-google-cert-catalog.nse +++ b/scripts/ssl-google-cert-catalog.nse @@ -1,6 +1,5 @@ description = [[ -Matches SSL certificate hash against Google Certificate Catalog. It -uses the certificate gotten from ssl-cert.nse script. +Queries Google's Certificate Catalog for the SSL certificates retrieved from target hosts. The Certificate Catalog provides information about how recently and for how long Google has seen the given certificate. If a certificate doesn't appear in the database, despite being correctly signed by a well-known CA and having a matching domain name, it may be suspicious. It uses the certificate gotten from ssl-cert.nse script, so that script must be run as well. ]] --- diff --git a/scripts/targets-ipv6-multicast-echo.nse b/scripts/targets-ipv6-multicast-echo.nse index e5b3b15fe..7db7c12a3 100644 --- a/scripts/targets-ipv6-multicast-echo.nse +++ b/scripts/targets-ipv6-multicast-echo.nse @@ -1,10 +1,7 @@ description = [[ -Multicast echo ping. - -This script works by sending an ICMPv6 Echo Request packet to the all-nodes -link-local multicast address, ff02::1. It can discover all hosts -responding to echo on an interface, without needing to individually ping each -address. +Sends an ICMPv6 echo request packet to the all-nodes link-local +multicast address (ff02::1) to discover responsive hosts +on a LAN without needing to individually ping each IPv6 address. ]] --- @@ -13,7 +10,7 @@ address. -- @args newtargets If true, add discovered targets to the scan queue. -- @args targets-ipv6-multicast-echo.interface The interface to use for host discovery. -author = "David and Weilin" +author = "David Fifield, Xu Weilin" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" diff --git a/scripts/targets-ipv6-multicast-invalid-dst.nse b/scripts/targets-ipv6-multicast-invalid-dst.nse index 5b5e59803..e375f3c85 100644 --- a/scripts/targets-ipv6-multicast-invalid-dst.nse +++ b/scripts/targets-ipv6-multicast-invalid-dst.nse @@ -1,11 +1,9 @@ description = [[ -Multicast invalid packet host discovery. - -This script works by sending an ICMPv6 packet with an invalid extension header -to the all-nodes link-local multicast address, ff02::1. Some hosts -will respond to this probe with an ICMPv6 Parameter Problem packet. This script -can discover hosts reachable on an interface without needing to individually -ping each address. +Sends an ICMPv6 packet with an invalid extension header to the +all-nodes link-local multicast address (ff02::1) to +discover (some) available hosts on the LAN. This works because some +hosts will respond to this probe with an ICMPv6 Parameter Problem +packet. ]] --- @@ -14,7 +12,7 @@ ping each address. -- @args newtargets If true, add discovered targets to the scan queue. -- @args targets-ipv6-multicast-invalid-dst.interface The interface to use for host discovery. -author = "David and Weilin" +author = "David Fifield, Xu Weilin" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" diff --git a/scripts/targets-ipv6-multicast-slaac.nse b/scripts/targets-ipv6-multicast-slaac.nse index 5f78a3ef5..c644ac2c6 100644 --- a/scripts/targets-ipv6-multicast-slaac.nse +++ b/scripts/targets-ipv6-multicast-slaac.nse @@ -1,5 +1,5 @@ description = [[ -Does IPv6 host discovery by triggering stateless address auto-configuration +Performs IPv6 host discovery by triggering stateless address auto-configuration (SLAAC). This script works by sending an ICMPv6 Router Advertisement with a random @@ -23,7 +23,7 @@ See also: -- ./nmap -6 --script=slaac_host_discovery.nse --script-args 'newtargets,interface=eth0' -sP -- @args targets-ipv6-multicast-slaac.interface The interface to use for host discovery. -author = "David and Weilin" +author = "David Fifield, Xu Weilin" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" diff --git a/scripts/xmpp-brute.nse b/scripts/xmpp-brute.nse index 4514915f8..895ffc069 100644 --- a/scripts/xmpp-brute.nse +++ b/scripts/xmpp-brute.nse @@ -1,5 +1,5 @@ description = [[ -Performs brute force password auditing against XMPP (Jabber) servers. +Performs brute force password auditing against XMPP (Jabber) instant messaging servers. ]] ---