diff --git a/CHANGELOG b/CHANGELOG index 013bfb75d..022a536d5 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,8 @@ # Nmap Changelog ($Id$); -*-text-*- +o [NSE] Documented the credential library and added the creds-summary script. + [Patrik] + o [NSE] Added http-majordomo2-dir-traversal and new version of http-trace.nse. [Paulino] diff --git a/scripts/creds-summary.nse b/scripts/creds-summary.nse new file mode 100644 index 000000000..92fea36e5 --- /dev/null +++ b/scripts/creds-summary.nse @@ -0,0 +1,40 @@ +description = [[ +Lists all discovered credentials at end of scan +]] + +--- +--@output +-- | creds-summary: +-- | 10.10.10.10 +-- | 22/ssh +-- | lisbon:jane - Account is valid +-- | 10.10.10.20 +-- | 21/ftp +-- | jane:redjohn - Account is locked +-- | 22/ssh +-- | cho:secret11 - Account is valid +-- | 23/telnet +-- | rigsby:pelt - Account is valid +-- | pelt:rigsby - Password needs to be changed at next logon +-- | 80/http +-- | lisbon:jane - Account is valid +-- | jane:redjohn - Account is locked +-- |_ cho:secret11 - Account is valid + + +author = "Patrik Karlsson" +license = "Same as Nmap--See http://nmap.org/book/man-legal.html" +categories = {"auth", "default", "safe"} + +require 'creds' + +postrule = function() + local all = creds.Credentials:new(creds.ALL_DATA) + local tab = all:getTable() + if ( tab and #tab > 0 ) then return true end +end + +action = function() + local all = creds.Credentials:new(creds.ALL_DATA) + return (all and tostring(all) or nil) +end diff --git a/scripts/script.db b/scripts/script.db index 35704f14f..b243f8bdb 100644 --- a/scripts/script.db +++ b/scripts/script.db @@ -24,6 +24,7 @@ Entry { filename = "citrix-enum-servers-xml.nse", categories = { "discovery", "s Entry { filename = "citrix-enum-servers.nse", categories = { "discovery", "safe", } } Entry { filename = "couchdb-databases.nse", categories = { "discovery", "safe", } } Entry { filename = "couchdb-stats.nse", categories = { "discovery", "safe", } } +Entry { filename = "creds-summary.nse", categories = { "auth", "default", "safe", } } Entry { filename = "daap-get-library.nse", categories = { "discovery", "safe", } } Entry { filename = "daytime.nse", categories = { "discovery", "safe", } } Entry { filename = "db2-das-info.nse", categories = { "discovery", "safe", "version", } } @@ -76,7 +77,7 @@ Entry { filename = "http-passwd.nse", categories = { "intrusive", "vuln", } } Entry { filename = "http-php-version.nse", categories = { "discovery", "safe", } } Entry { filename = "http-robots.txt.nse", categories = { "default", "discovery", "safe", } } Entry { filename = "http-title.nse", categories = { "default", "discovery", "safe", } } -Entry { filename = "http-trace.nse", categories = { "discovery", "safe", } } +Entry { filename = "http-trace.nse", categories = { "discovery", "safe", "vuln", } } Entry { filename = "http-userdir-enum.nse", categories = { "discovery", "intrusive", } } Entry { filename = "http-vhosts.nse", categories = { "discovery", "intrusive", } } Entry { filename = "http-vmware-path-vuln.nse", categories = { "default", "safe", "vuln", } }