diff --git a/scripts/broadcast-dhcp6-discover.nse b/scripts/broadcast-dhcp6-discover.nse index 5e71ed8eb..628fda16c 100644 --- a/scripts/broadcast-dhcp6-discover.nse +++ b/scripts/broadcast-dhcp6-discover.nse @@ -1,7 +1,7 @@ description = [[ -Sends a DHCPv6 request (Solicit) to the DHCPv6 multicast address. It parses the -response and extracts the address along with any options returned by the -server. +Sends a DHCPv6 request (Solicit) to the DHCPv6 multicast address, +parses the response, then extracts and prints the address along with +any options returned by the server. The script requires Nmap to be run in privileged mode as it binds the socket to a privileged port (udp/546). diff --git a/scripts/broadcast-pppoe-discover.nse b/scripts/broadcast-pppoe-discover.nse index eb105a1d3..d0b3a4243 100644 --- a/scripts/broadcast-pppoe-discover.nse +++ b/scripts/broadcast-pppoe-discover.nse @@ -1,6 +1,6 @@ description = [[ -Discovers PPPoE servers using the PPPoE Discovery protocol (PPPoED) -The PPPoE is an ethernet based protocol so the script has to know what ethernet +Discovers PPPoE servers using the PPPoE Discovery protocol (PPPoED). +PPPoE is an ethernet based protocol so the script has to know what ethernet interface to use for discovery. If no interface is specified, requests are sent out on all available interfaces. diff --git a/scripts/broadcast-ripng-discover.nse b/scripts/broadcast-ripng-discover.nse index 87e72d19a..89e7ca935 100644 --- a/scripts/broadcast-ripng-discover.nse +++ b/scripts/broadcast-ripng-discover.nse @@ -1,7 +1,7 @@ description = [[ Discovers hosts and routing information from devices running RIPng on the -LAN. It does so by sending a RIPng Request command and collects the responses -from all devices responding to the request. +LAN by sending a RIPng Request command and collecting the responses +from all responsive devices. ]] --- diff --git a/scripts/cccam-version.nse b/scripts/cccam-version.nse index cfb4a8af8..33fa009f4 100644 --- a/scripts/cccam-version.nse +++ b/scripts/cccam-version.nse @@ -1,8 +1,10 @@ -description = [[Detects the CCcam service. +description = [[ +Detects the CCcam service (software for sharing subscription TV among +multiple receivers). -CCcam is a way of sharing subscription TV among multiple receivers. The service -normally runs on port 12000. It distinguishes itself by printing 16 -random-looking bytes upon receiving a connection. +The service normally runs on port 12000. It distinguishes +itself by printing 16 random-looking bytes upon receiving a +connection. Because the script attempts to detect "random-looking" bytes, it has a small chance of failing to detect the service when the data do not seem random diff --git a/scripts/dns-nsid.nse b/scripts/dns-nsid.nse index 86b443e22..38d221005 100644 --- a/scripts/dns-nsid.nse +++ b/scripts/dns-nsid.nse @@ -1,10 +1,12 @@ description = [[ -Ateemps to get more information from a server by requesting the server nsid[1], -and asking for id.server[2] and version.bind. This script dose the same as the -following two dig commands: +Retrieves information from a DNS nameserver by requesting +its nameserver ID (nsid), and asking for its id.server and +version.bind. This script performs the same queries as the following +two dig commands: - dig CH TXT bind.version @target - dig +nsid CH TXT id.server @target +References: [1]http://www.ietf.org/rfc/rfc5001.txt [2]http://www.ietf.org/rfc/rfc4892.txt ]] diff --git a/scripts/http-auth-finder.nse b/scripts/http-auth-finder.nse index 6810e388d..aae871777 100644 --- a/scripts/http-auth-finder.nse +++ b/scripts/http-auth-finder.nse @@ -1,6 +1,5 @@ description = [[ -Spiders a web site to find web pages requiring authentication, either form- -based or HTTP-based. The results are returned in a table with each url and the +Spiders a web site to find web pages requiring form-based or HTTP-based authentication. The results are returned in a table with each url and the detected method. ]] diff --git a/scripts/http-generator.nse b/scripts/http-generator.nse index e835f1f71..d2fbb2679 100644 --- a/scripts/http-generator.nse +++ b/scripts/http-generator.nse @@ -1,5 +1,5 @@ description = [[ -Displays the contents of the "generator" meta tag if there is one. +Displays the contents of the "generator" meta tag of a web page (default: /) if there is one. ]] author = "Michael Kohl" diff --git a/scripts/http-proxy-brute.nse b/scripts/http-proxy-brute.nse index 3ba3b5993..8c97f7e6a 100644 --- a/scripts/http-proxy-brute.nse +++ b/scripts/http-proxy-brute.nse @@ -1,5 +1,5 @@ description = [[ -Performs brute force password guessing against a HTTP proxy server +Performs brute force password guessing against a HTTP proxy server. ]] --- diff --git a/scripts/iax2-brute.nse b/scripts/iax2-brute.nse index f834d3e6f..033179135 100644 --- a/scripts/iax2-brute.nse +++ b/scripts/iax2-brute.nse @@ -1,5 +1,5 @@ description = [[ -Performs brute force password guessing against the Asterisk IAX2 protocol. +Performs brute force password auditing against the Asterisk IAX2 protocol. Guessing fails when a large number of attempts is made due to the maxcallnumber limit (default 2048). In case your getting "ERROR: Too many retries, aborted ..." after a while, this is most likely what's happening. In order to avoid this problem try: diff --git a/scripts/membase-brute.nse b/scripts/membase-brute.nse index 2a8f34d6c..bdec35572 100644 --- a/scripts/membase-brute.nse +++ b/scripts/membase-brute.nse @@ -1,5 +1,5 @@ description = [[ -Performs brute force password guessing against Couchbase Membase servers. +Performs brute force password auditing against Couchbase Membase servers. ]] --- diff --git a/scripts/memcached-info.nse b/scripts/memcached-info.nse index 09e8db144..38e22b67a 100644 --- a/scripts/memcached-info.nse +++ b/scripts/memcached-info.nse @@ -1,5 +1,5 @@ description = [[ -Retrieves information from distributed memory object caching system memcached +Retrieves information from distributed memory object caching system memcached. ]] --- diff --git a/scripts/nat-pmp-mapport.nse b/scripts/nat-pmp-mapport.nse index de2dde20b..00436b0a2 100644 --- a/scripts/nat-pmp-mapport.nse +++ b/scripts/nat-pmp-mapport.nse @@ -1,6 +1,5 @@ description = [[ -Maps a WAN port on the router to a local port on the client. -The script uses the NAT Port Mapping Protocol (NAT-PMP) to do so and supports the following operations: +Maps a WAN port on the router to a local port on the client using the NAT Port Mapping Protocol (NAT-PMP). It supports the following operations: o map - maps a new external port on the router to an internal port of the requesting IP o unmap - unmaps a previously mapped port for the requesting IP o unmapall - unmaps all previously mapped ports for the requesting IP diff --git a/scripts/redis-brute.nse b/scripts/redis-brute.nse index 9c9585d4f..8d215b47d 100644 --- a/scripts/redis-brute.nse +++ b/scripts/redis-brute.nse @@ -1,5 +1,5 @@ description = [[ -Performs brute force passwords guessing against a Redis key-value store +Performs brute force passwords auditing against a Redis key-value store. ]] --- diff --git a/scripts/redis-info.nse b/scripts/redis-info.nse index 7c0ea4d54..4ec4f6c67 100644 --- a/scripts/redis-info.nse +++ b/scripts/redis-info.nse @@ -1,5 +1,5 @@ description = [[ -Gets information from a Redis key-value store +Retrieves information (such as version number and architecture) from a Redis key-value store. ]] --- diff --git a/scripts/riak-http-info.nse b/scripts/riak-http-info.nse index b3768da7d..4d4169681 100644 --- a/scripts/riak-http-info.nse +++ b/scripts/riak-http-info.nse @@ -1,5 +1,5 @@ description = [[ -Retrieves information from a Basho Riak distributed database using the HTTP protocol. +Retrieves information (such as node name and architecture) from a Basho Riak distributed database using the HTTP protocol. ]] --- diff --git a/scripts/socks-auth-info.nse b/scripts/socks-auth-info.nse index b01b0a3c2..fcbf24e98 100644 --- a/scripts/socks-auth-info.nse +++ b/scripts/socks-auth-info.nse @@ -1,5 +1,5 @@ description = [[ -Determines the supported authentication mechanisms of the remote SOCKS server. +Determines the supported authentication mechanisms of a remote SOCKS server. Starting with SOCKS version 5 socks servers may support authentication. The script checks for the following authentication types: 0 - No authentication diff --git a/scripts/socks-brute.nse b/scripts/socks-brute.nse index 0495194f2..f9799974e 100644 --- a/scripts/socks-brute.nse +++ b/scripts/socks-brute.nse @@ -1,5 +1,5 @@ description = [[ -Performs brute force password guessing against SOCKS 5 servers +Performs brute force password auditing against SOCKS 5 servers. ]] --- diff --git a/scripts/url-snarf.nse b/scripts/url-snarf.nse index cd5b314ff..09b1cddac 100644 --- a/scripts/url-snarf.nse +++ b/scripts/url-snarf.nse @@ -1,7 +1,8 @@ description=[[ -Sniffs an interface for HTTP traffic and dumps any URLs, and their originating -IP. Script output differs from other script as URLs are written to stdout -directly. There is also an option to log the results to file. +Sniffs an interface for HTTP traffic and dumps any URLs, and their +originating IP address. Script output differs from other script as +URLs are written to stdout directly. There is also an option to log +the results to file. The script can be limited in time by using the timeout argument or run until a ctrl+break is issued, by setting the timeout to 0. diff --git a/scripts/vmauthd-brute.nse b/scripts/vmauthd-brute.nse index 490b097f3..f3e97b439 100644 --- a/scripts/vmauthd-brute.nse +++ b/scripts/vmauthd-brute.nse @@ -1,5 +1,5 @@ description = [[ -Performs brute force password guessing against the VMWare Authentication Daemon (vmware-authd) +Performs brute force password auditing against the VMWare Authentication Daemon (vmware-authd). ]] --- diff --git a/scripts/xdmcp-discover.nse b/scripts/xdmcp-discover.nse index c4862dc19..bf04042ff 100644 --- a/scripts/xdmcp-discover.nse +++ b/scripts/xdmcp-discover.nse @@ -1,5 +1,5 @@ description = [[ -Requests a XDMCP session and lists supported authentication and authorization mechanisms +Requests an XDMCP (X display manager control protocol) session and lists supported authentication and authorization mechanisms. ]] ---