Minor rewording for clarity that someone suggested

2025-12-12 02:39:03 +00:00 · 2013-10-22 00:51:58 +00:00
parent 78483a1c41
commit 3daeedd608
2 changed files with 14 additions and 7 deletions
--- a/docs/scripting.xml
+++ b/docs/scripting.xml
@@ -307,7 +307,11 @@ Black Hat Briefings in 2010.</para>

        <varlistentry>
        <term>Usefulness</term>
-        <listitem><para>Default scans need to produce valuable and actionable information.  If even the script author has trouble explaining why an average networking or security professional would find the output valuable, the script should not run by default.  The script may still be worth including in Nmap so that administrators can run for those occasions when they do need the extra information.</para></listitem>
+        <listitem><para>Default scans need to produce valuable and
+	actionable information.  If even the script author has trouble
+	explaining why an average networking or security professional
+	would find the output valuable, the script should not run by
+	default.</para></listitem>
        </varlistentry>

        <varlistentry>
@@ -319,7 +323,7 @@ Black Hat Briefings in 2010.</para>
        important information to report, NSE scripts (particularly
        default ones) should return nothing.  Checking for an obscure
        vulnerability may be OK by default as long as it only produces output
-        when that vulnerability discovered.</para></listitem>
+        when that vulnerability is discovered.</para></listitem>
        </varlistentry>

        <varlistentry>
@@ -363,9 +367,13 @@ Black Hat Briefings in 2010.</para>
            <option>dos</option>
          </term>
          <listitem>
-            <para>Scripts in this category may cause denial of service, usually
-            because they crash a service as a side effect of testing it for a
-            vulnerability.</para>
+            <para>Scripts in this category may cause a denial of
+            service.  Sometimes this is done to test vulnerability to
+	    a denial of service method, but more commonly it is
+	    an undesired by necessary side effect of testing for
+	    a traditional vulnerability.  These tests sometimes crash
+	    vulnerable services.</para>
+
          </listitem>
        </varlistentry>

--- a/scripts/smb-enum-users.nse
+++ b/scripts/smb-enum-users.nse
@@ -94,8 +94,7 @@ doesn't hurt to add more.
 The names and details from both of these techniques are merged and displayed.
 If the output is verbose, then extra details are shown. The output is ordered alphabetically. 

-Credit goes out to the <code>enum.exe</code>, <code>sid2user.exe</code>, and <code>user2sid.exe</code> programs.
-The code I wrote for this is largely based on the techniques used by them.
+Credit goes out to the <code>enum.exe</code>, <code>sid2user.exe</code>, and <code>user2sid.exe</code> programs for pioneering some of the techniques used in this script.
 ]]

 ---