Do copyediting of NSEDoc up through pgsql-brute.

2025-12-06 04:31:29 +00:00 · 2010-07-12 06:21:03 +00:00
parent 725e6b85ac
commit 4cdc50e95d
14 changed files with 92 additions and 77 deletions
--- a/scripts/citrix-brute-xml.nse
+++ b/scripts/citrix-brute-xml.nse
@@ -19,8 +19,6 @@ accounts will be locked.
 -- |   Joe:password => Must change password at next logon
 -- |   Luke:summer => Login was successful
 -- |_  Jane:secret => Account is disabled
 --
 ---
 -- Version 0.2
--- a/scripts/mysql-databases.nse
+++ b/scripts/mysql-databases.nse
@@ -1,10 +1,14 @@
 description = [[
-Attempts to list all databases on the MySQL server
+Attempts to list all databases on a MySQL server.
 ]]
 ---
-- @args mysqluser The username to use for authentication. (If unset it attempts to use credentials found by mysql-brute or mysql-empty-password)
+-- @args mysqluser The username to use for authentication. If unset it
-- @args mysqlpass The password to use for authentication. (If unset it attempts to use credentials found by mysql-brute or mysql-empty-password)
+-- attempts to use credentials found by <code>mysql-brute</code> or
 -- <code>mysql-empty-password</code>.
 -- @args mysqlpass The password to use for authentication. If unset it
 -- attempts to use credentials found by <code>mysql-brute</code> or
 -- <code>mysql-empty-password</code>.
 --
 -- @output
 -- 3306/tcp open  mysql
--- a/scripts/mysql-empty-password.nse
+++ b/scripts/mysql-empty-password.nse
@@ -1,5 +1,6 @@
 description = [[
-Checks for MySQL servers with an empty root and/or anonymous password
+Checks for MySQL servers with an empty password for <code>root</code> or
 <code>anonymous</code>.
 ]]
 ---
--- a/scripts/mysql-info.nse
+++ b/scripts/mysql-info.nse
@@ -8,7 +8,7 @@ isn't run (see the portrule).
 ]]
 ---
--@output
+-- @output
 -- 3306/tcp open  mysql
 -- |  mysql-info: Protocol: 10
 -- |  Version: 5.0.51a-3ubuntu5.1
--- a/scripts/mysql-users.nse
+++ b/scripts/mysql-users.nse
@@ -1,10 +1,14 @@
 description = [[
-Attempts to list all users on the MySQL server
+Attempts to list all users on a MySQL server.
 ]]
 ---
-- @args mysqluser The username to use for authentication. (If unset it attempts to use credentials found by mysql-brute or mysql-empty-password)
+-- @args mysqluser The username to use for authentication. If unset it
-- @args mysqlpass The password to use for authentication. (If unset it attempts to use credentials found by mysql-brute or mysql-empty-password)
+-- attempts to use credentials found by <code>mysql-brute</code> or
 -- <code>mysql-empty-password</code>.
 -- @args mysqlpass The password to use for authentication. If unset it
 -- attempts to use credentials found by <code>mysql-brute</code> or
 -- <code>mysql-empty-password</code>.
 --
 -- @output
 -- 3306/tcp open  mysql
--- a/scripts/mysql-variables.nse
+++ b/scripts/mysql-variables.nse
@@ -1,10 +1,14 @@
 description = [[
-Attempts to show all variables on the MySQL server
+Attempts to show all variables on a MySQL server.
 ]]
 ---
-- @args mysqluser The username to use for authentication. (If unset it attempts to use credentials found by mysql-brute or mysql-empty-password)
+-- @args mysqluser The username to use for authentication. If unset it
-- @args mysqlpass The password to use for authentication. (If unset it attempts to use credentials found by mysql-brute or mysql-empty-password)
+-- attempts to use credentials found by <code>mysql-brute</code> or
 -- <code>mysql-empty-password</code>.
 -- @args mysqlpass The password to use for authentication. If unset it
 -- attempts to use credentials found by <code>mysql-brute</code> or
 -- <code>mysql-empty-password</code>.
 --
 -- @output
 -- 3306/tcp open  mysql
--- a/scripts/nfs-ls.nse
+++ b/scripts/nfs-ls.nse
@@ -1,26 +1,26 @@
 description = [[
 Attempts to get useful informations about files from NFS exports.
-This script try to emulate some features of the old "ls" unix tool.
+The output is intended to resemble the output of <code>ls</code>.
-This starts by enumerating and mounting the remote NFS exports, after 
+The script starts by enumerating and mounting the remote NFS exports. After 
-that it performs NFS GETATTR procedure call for each mounted point
+that it performs an NFS GETATTR procedure call for each mounted point
-in order to get it's acls.
+in order to get its ACLs.
-For each mounted directory the script will try to list it's file entries
+For each mounted directory the script will try to list its file entries
 with their attributes.
-Since the file attributes shown in the results are the result of the
+Since the file attributes shown in the results are the result of
-GETATTR, READDIRPLUS procedures and all the like then these attributes
+GETATTR, READDIRPLUS, and similar procedures, the attributes
-are the attributes of the local files system.
+are the attributes of the local filesystem.
-The following access permissions are only shown for the NFSv3:
+These access permissions are shown only with NFSv3:
-o Read:     Read data from file or read a directory.
+* Read:     Read data from file or read a directory.
-o Lookup:   Look up a name in a directory
+* Lookup:   Look up a name in a directory
-            (no meaning for on-directory objects).
+            (no meaning for non-directory objects).
-o Modify:   Rewrite existing file data or modify existing
+* Modify:   Rewrite existing file data or modify existing
            directory entries.
-o Extend:   Write new data or add directory entries.
+* Extend:   Write new data or add directory entries.
-o Delete:   Delete an existing directory entry.
+* Delete:   Delete an existing directory entry.
-o Execute:  Execute file (no meaning for a directory).
+* Execute:  Execute file (no meaning for a directory).
 ]]
 ---
@@ -49,17 +49,19 @@ o Execute:  Execute file (no meaning for a directory).
 -- |     -rw-r--r--  0     0     5        2010-06-10 11:32  rootfile
 -- |_    lrwxrwxrwx  1000  1002  8        2010-06-10 08:34  symlink
 --
-- @args nfs-ls.maxfiles If set limits the amount of files returned by
+-- @args nfs-ls.maxfiles If set, limits the amount of files returned by
--       the script when using nfs-ls.dirlist argument. If set to zero
+--       the script when using the <code>nfs-ls.dirlist</code> argument.
--       or less all files are shown. (default 10)
+--       If set to 0
-- @args nfs-ls.human If set to '1' or 'true' shows the files size in
+--       or less, all files are shown. The default value is 10.
--       the human readable format.
+-- @args nfs-ls.human If set to <code>1</code> or <code>true</code>,
 --       shows file sizes in a human readable format with suffixes like
 --       <code>KB</code> and <code>MB</code>.
 -- @args nfs-ls.time Specifies which one of the mac times to use in the
 --       files attributes output. Possible values are:
--       m    :Modification time (mtime)
+-- * <code>m</code>: modification time (mtime)
--       a    :Access time (atime)
+-- * <code>a</code>: access time (atime)
--       c    :Change time (ctime)
+-- * <code>c</code>: change time (ctime)
--       Default value is "m" mtime.
+-- The default value is <code>m</code> (mtime).
 -- Created 05/28/2010 - v0.1 - combined nfs-dirlist and nfs-acls scripts
 -- Revised 06/04/2010 - v0.2 - make NFS exports listing with their acls
--- a/scripts/nfs-statfs.nse
+++ b/scripts/nfs-statfs.nse
@@ -1,6 +1,6 @@
 description = [[
-Retrieves disk space statistics and information from the remote NFS
+Retrieves disk space statistics and information from a remote NFS share.
-share. This script will try to emulate the behaviour of the "df" tool.
+The output is intended to resemble the output of <code>df</code>.
 The script will provide pathconf information of the remote NFS if
 the version used is NFSv3.
@@ -15,9 +15,9 @@ the version used is NFSv3.
 -- |   /mnt/nfs/files       5542276    2732012  2528728    52%   4096
 -- |_  /mnt/nfs/opensource  5534416    620640   4632644    12%   4096
 --
-- @args nfs-statfs.human If set to '1' or 'true' shows the filesystem
+-- @args nfs-statfs.human If set to <code>1</code> or <code>true</code>,
--       size in the human readable format.
+--       shows file sizes in a human readable format with suffixes like
--
+--       <code>KB</code> and <code>MB</code>.
 -- Version 0.3
--- a/scripts/ntp-monlist.nse
+++ b/scripts/ntp-monlist.nse
@@ -2,25 +2,26 @@ author = "jah"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 categories = {"discovery", "intrusive"}
 description = [[
-Obtain and print an NTP server's monitor data.
+Obtains and prints an NTP server's monitor data.
-Monitor data is a most recently used list (MRU) of hosts with NTP associations
+Monitor data is a list of the most recently used (MRU) having NTP associations
 with the target. Each record contains information about the most recent NTP
 packet sent by a host to the target including the source and destination
 addresses and the NTP version and mode of the packet. With this information it
-is possible to classify associated hosts as Servers, Peers and Clients.
+is possible to classify associated hosts as Servers, Peers, and Clients.
 A Peers command is also sent to the target and the peers list in the response
 allows differentiation between configured Mode 1 Peers and clients which act
 like Peers (such as the Windows W32Time service).
-Associated hosts are further classified as either public or private - the latter
+Associated hosts are further classified as either public or private.
-having IP addresses which are not routable on the public internet and thus can
+Private hosts are those
 having IP addresses which are not routable on the public Internet and thus can
 help to form a picture about the topology of the private network on which the
 target resides.
 Other information revealed by the monlist and peers commands are the host with
-which the target clock is synchronised and hosts which send Control Mode (6)
+which the target clock is synchronized and hosts which send Control Mode (6)
 and Private Mode (7) commands to the target and which may be used by admins for
 the NTP service.
@@ -29,17 +30,13 @@ Mode 7 commands sent by this script are recorded by the target (and will often
 appear in these results). Since the monitor data is a MRU list, it is probable
 that you can overwrite the record of the Mode 7 command by sending an innoccuous
 looking Client Mode request. This can be acheived easily using Nmap:
-nmap -sU -pU:123 -Pn -n --max-retries=0 <target>
+<code>nmap -sU -pU:123 -Pn -n --max-retries=0 <target></code>
 Notes:
-o The monitor list in response to the monlist command is limited to 600
+* The monitor list in response to the monlist command is limited to 600 associations.
-  associations.
+* The monitor capability may not be enabled on the target in which case you may receive an error number 4 (No Data Available).
-o The monitor capability may not be enabled on the target in which case you may
+* There may be a restriction on who can perform Mode 7 commands (e.g. "restrict noquery" in <code>ntp.conf</code>) in which case you may not receive a reply.
-  receive an error number 4 (No Data Available).
+* This script does not handle authenticating and targets expecting auth info may respond with error number 3 (Format Error).
 o There may be a restriction on who can perform Mode 7 commands (e.g. 'restrict
  noquery' in ntp.conf) in which case you may not receive a reply.
 o This script does not handle authenticating and targets expecting auth info may
  respond with error number 3 (Format Error).
 ]]
 ---
--- a/scripts/oracle-sid-brute.nse
+++ b/scripts/oracle-sid-brute.nse
@@ -1,16 +1,19 @@
 description = [[
-Guesses Oracle instance/sid names against the TNS-listener
+Guesses Oracle instance/SID names against the TNS-listener.
 If the <code>oraclesids</code> script argument is not used to specify an
 alternate file, the default <code>oracle-sids</code> file will be used.
 License to use the <code>oracle-sids</code> file was granted by its
 author, Alexander Kornbrust (http://seclists.org/nmap-dev/2009/q4/645).
 ]]
 ---
 -- @args oraclesids A file containing SIDs to try.
 --
 -- @usage
 -- nmap --script=oracle-sid-brute --script-args=oraclesids=/path/to/sidfile -p 1521-1560 <host>
 -- nmap --script=oracle-sid-brute -p 1521-1560 <host>
 --
 -- If no oraclesids file is specified, it falls back to the default oracle-sids file
 -- License to use the oracle-sids file was granted by the author (Alexander Kornbrust) 
 -- Ref: http://seclists.org/nmap-dev/2009/q4/645
 --
 -- @output
 -- PORT     STATE SERVICE REASON
 -- 1521/tcp open  oracle  syn-ack
--- a/scripts/p2p-conficker.nse
+++ b/scripts/p2p-conficker.nse
@@ -1,20 +1,20 @@
 description = [[
-Check if a host is infected with Conficker.C or higher, based on Conficker's peer to peer communication. 
+Checks if a host is infected with Conficker.C or higher, based on Conficker's peer to peer communication. 
-When Conficker.C and higher infect a system, it opens four ports: two TCP and two UDP. The ports are 
+When Conficker.C or higher infects a system, it opens four ports: two TCP and two UDP. The ports are 
 random, but are seeded with the current week and the IP of the infected host. By determining the algorithm, 
 one can check if these four ports are open, and can probe them for more data. 
 Once the open ports are found, communication can be initiated using Conficker's custom peer to peer protocol. 
 If a valid response is received, then a valid Conficker infection has been found. 
-This check won't work properly on a multihomed or NATed system -- the open ports will be based on a nonpublic IP. 
+This check won't work properly on a multihomed or NATed system because the open ports will be based on a nonpublic IP. 
 The argument <code>checkall</code> tells Nmap to attempt communication with every open port (much like a version
-check) and the argument <code>realip</code> tells Nmap to base its port generation on the given ip address instead
+check) and the argument <code>realip</code> tells Nmap to base its port generation on the given IP address instead
-of the actual ip. See the args section for more information. 
+of the actual IP.
 By default, this will run against a system that has a standard Windows port open (445, 139, 137). The arguments
-checkall and checkconficker will both perform checks regardless of which port is open, see the args section for
+<code>checkall</code> and <code>checkconficker</code> will both perform checks regardless of which port is open, see the args section for
 more information. 
 Note: Ensure your clock is correct (within a week) before using this script!
@@ -25,8 +25,11 @@ out to everybody who contributed!
 ]]
 ---
-- @args checkconficker If set to '1' or 'true', the script will always run on active hosts, 
+-- @args checkall If set to <code>1</code> or <code>true</code>, attempt
 -- to communicate with every open port.
 -- @args checkconficker If set to <code>1</code> or <code>true</code>, the script will always run on active hosts, 
 --       it doesn't matter if any open ports were detected. 
 -- @args realip An IP address to use in place of the one known by Nmap.
 --
 -- @usage
 -- # Run the scripts against host(s) that appear to be Windows
--- a/scripts/pgsql-brute.nse
+++ b/scripts/pgsql-brute.nse
@@ -1,5 +1,5 @@
 description = [[
-Performs password guessing against Postgresql
+Performs password guessing against Postgresql.
 ]]
 ---
@@ -12,16 +12,15 @@ Performs password guessing against Postgresql
 -- |   root:<empty> => Login Correct
 -- |_  test:test => Login Correct
 --
-- @args pgsql.nossl If set to 1 or true disables SSL.
+-- @args pgsql.nossl If set to <code>1</code> or <code>true</code>, disables SSL.
-- @args pgsql.version Force protocol version 2 or 3
+-- @args pgsql.version Force protocol version 2 or 3.
--
+
 -- SSL Encryption
 -- --------------
 -- We need to handle several cases of SSL support
 --  o SSL can be supported on a server level
 --  o SSL can be enforced per host or network level
 --  o SSL can be denied per host or network level
 --
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
--- a/scripts/smtp-commands.nse
+++ b/scripts/smtp-commands.nse
@@ -14,7 +14,7 @@ SMTP server.
 -- |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH TURN ETRN BDAT VRFY
 --
 -- @args smtp-commands.domain Define the domain to be used in the SMTP commands
--
+
 -- changelog
 -- 1.1.0.0 - 2007-10-12
 -- + added HELP command in addition to EHLO
--- a/scripts/smtp-enum-users.nse
+++ b/scripts/smtp-enum-users.nse
@@ -26,7 +26,7 @@ smtp-enum-users.methods={EXPN,RCPT,VRFY}
 --
 -- @args smtp-enum-users.domain Define the domain to be used in the SMTP commands
 -- @args smtp-enum-users.methods Define the methods and order to be used by the script (EXPN, VRFY, RCPT)
--
+
 -- changelog
 -- 2010-03-07 Duarte Silva <duarte.silva@myf00.net>
 --   * First version ;)