PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 05:01:29 +00:00
Code Issues Projects Releases Wiki Activity

Update some script nsedoc descriptions for consistency. The description should almost always start with an active verb and never with the script name or 'this script'. Admittedly that makes the first sentence a fragment. The first sentence should be capitalized

Browse Source
This commit is contained in:
fyodor
2011-09-11 20:50:56 +00:00
parent a5d81c3b35
commit 2ff08a24a1
6 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/dns-fuzz.nse
View File

@@ -1,5 +1,5 @@
description = [[
This script launches a DNS fuzzing attack against any DNS server.
Launches a DNS fuzzing attack against DNS servers.
The script induces errors into randomly generated but valid DNS packets.
The packet template that we use includes one uncompressed and one

2
scripts/http-axis2-dir-traversal.nse
View File

@@ -1,5 +1,5 @@
description = [[
http-axis2-dir-traversal exploits a directory traversal vulnerability in Apache Axis2 version 1.4.1 by sending a specially crafted request to the parameter <code>xsd</code> (OSVDB-59001). By default it will try to retrieve the configuration file of the Axis2 service <code>'/conf/axis2.xml'</code> using the path <code>'/axis2/services/'</code> to return the username and password of the admin account.
Exploits a directory traversal vulnerability in Apache Axis2 version 1.4.1 by sending a specially crafted request to the parameter <code>xsd</code> (OSVDB-59001). By default it will try to retrieve the configuration file of the Axis2 service <code>'/conf/axis2.xml'</code> using the path <code>'/axis2/services/'</code> to return the username and password of the admin account.
To exploit this vulnerability we need to detect a valid service running on the installation so we extract it from <code>/listServices</code> before exploiting the directory traversal vulnerability.
By default it will retrieve the configuration file, if you wish to retrieve other files you need to set the argument <code>http-axis2-dir-traversal.file</code> correctly to traverse to the file's directory. Ex. <code>../../../../../../../../../etc/issue</code>

2
scripts/http-default-accounts.nse
View File

@@ -1,5 +1,5 @@
description = [[
http-default-accounts tests for access with default credentials used by a variety of web applications and devices.
Tests for access with default credentials used by a variety of web applications and devices.
It works similar to http-enum, we detect applications by matching known paths and launching a login routine using default credentials when found.
This script depends on a fingerprint file containing the target's information: name, category, location paths, default credentials and login routine.

2
scripts/http-google-malware.nse
View File

@@ -1,5 +1,5 @@
description = [[
http-google-malware checks if hosts are on Google's blacklist of suspected malware and phishing servers. These lists are constantly updated and are part of Google's Safe Browsing service.
Checks if hosts are on Google's blacklist of suspected malware and phishing servers. These lists are constantly updated and are part of Google's Safe Browsing service.
To do this the script queries the Google's Safe Browsing service and you need to have your own API key to access Google's Safe Browsing Lookup services. Sign up for yours at http://code.google.com/apis/safebrowsing/key_signup.html

2
scripts/http-litespeed-sourcecode-download.nse
View File

@@ -1,5 +1,5 @@
description = [[
http-litespeed-sourcecode-download.nse exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4.0.x before 4.0.15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a .txt file extension (CVE-2010-2333).
Exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4.0.x before 4.0.15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a .txt file extension (CVE-2010-2333).
If the server is not vulnerable it returns an error 400. If index.php is not found, you may try /phpinfo.php which is also shipped with LiteSpeed Web Server. The attack payload looks like this:
* <code>/index.php\00.txt</code>

2
scripts/smb-psexec.nse
View File

@@ -1,5 +1,5 @@
description = [[
This script implements remote process execution similar to the Sysinternals' psexec tool,
Implements remote process execution similar to the Sysinternals' psexec tool,
allowing a user to run a series of programs on a remote machine and read the output. This
is great for gathering information about servers, running the same tool on a range of
system, or even installing a backdoor on a collection of computers.