PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-17 13:09:02 +00:00
Code Issues Projects Releases Wiki Activity

Reformat ordered lists in NSEdoc

Browse Source
This commit is contained in:
dmiller
2016-01-02 05:08:05 +00:00
parent 1863fd84d3
commit 1a205842fd
2 changed files with 24 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
scripts/http-domino-enum-passwords.nse
View File

@@ -14,6 +14,7 @@ any Domino ID Files attached to the Person document. Passwords are presented
in a form suitable for running in John the Ripper.
The passwords may be stored in two forms (http://comments.gmane.org/gmane.comp.security.openwall.john.user/785):
1. Saltless (legacy support?)
Example: 355E98E7C7B59BD810ED845AD0FD2FC4
John's format name: lotus5

5
scripts/smb-psexec.nse
View File

@@ -370,7 +370,6 @@ Running a script happens in several stages:
1. An open fileshare is found that we can write to. Finding an open
fileshare basically consists of enumerating all shares and seeing which
one(s) we have access to.
2. A "service wrapper", and all of the uploadable/extra files, are uploaded.
Before they're uploaded, the name of each file is obfuscated. The
obfuscation completely renames the file, is unique for each source system,
@@ -380,22 +379,18 @@ against the same computer, and also makes it more difficult to determine
their purposes. The reason for keeping them consistent for every run is to
make cleanup possible: a random filename, if the script somehow fails, will
be left on the system.
3. A new service is created and started. The new service has a random name
for the same reason the files do, and points at the 'service wrapper'
program that was uploaded.
4. The service runs the processes. One by one, the processes are run and
their output is captured. The output is obfuscated using a simple (and
highly insecure) xor algorithm, which is designed to prevent casual sniffing
(but won't deter intelligent attackers). This data is put into a temporary
output file. When all the programs have finished, the file is renamed to the
final output file
5. The output file is downloaded, and the cleanup is performced. The file
being renamed triggers the final stage of the program, where the data is
downloaded and all relevant files are deleted.
6. Output file, now decrypted, is formatted and displayed to the user.
And that's how it works!