PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-18 21:49:01 +00:00
Code Issues Projects Releases Wiki Activity

Add categories to new SSH scripts

Browse Source
This commit is contained in:
dmiller
2017-07-26 19:34:24 +00:00
parent 743791ce63
commit 71c74770d0
4 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/script.db
View File

@@ -502,7 +502,11 @@ Entry { filename = "snmp-win32-users.nse", categories = { "auth", "default", "sa
Entry { filename = "socks-auth-info.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "socks-brute.nse", categories = { "brute", "intrusive", } }
Entry { filename = "socks-open-proxy.nse", categories = { "default", "discovery", "external", "safe", } }
Entry { filename = "ssh-auth-methods.nse", categories = { "auth", "intrusive", } }
Entry { filename = "ssh-brute.nse", categories = { "brute", "intrusive", } }
Entry { filename = "ssh-hostkey.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "ssh-publickey-acceptance.nse", categories = { "auth", "intrusive", } }
Entry { filename = "ssh-run.nse", categories = { "intrusive", } }
Entry { filename = "ssh2-enum-algos.nse", categories = { "discovery", "safe", } }
Entry { filename = "sshv1.nse", categories = { "default", "safe", } }
Entry { filename = "ssl-ccs-injection.nse", categories = { "safe", "vuln", } }

10
scripts/ssh-auth-methods.nse
View File

@@ -3,7 +3,10 @@ local stdnse = require "stdnse"
local libssh2_util = require "libssh2-utility"
description = [[
Returns authenication methods a ssh server supports.
Returns authentication methods that a SSH server supports.
This is in the "intrusive" category because it starts an authentication with a
username which may be invalid. The abandoned connection will likely be logged.
]]
---
@@ -18,9 +21,10 @@ Returns authenication methods a ssh server supports.
-- |_ password
author = "Devin Bjelland"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"auth", "intrusive"}
local username = stdnse.get_script_args "ssh.user" or stdnse.generate_random_string(5)
local username = stdnse.get_script_args("ssh.user") or stdnse.generate_random_string(5)
portrule = shortport.port_or_service(22, 'ssh')
function action (host, port)

2
scripts/ssh-brute.nse
View File

@@ -25,7 +25,7 @@ Performs brute-force password guessing against ssh servers.
-- @args ssh-brute.timeout Connection timeout (default: "5s")
author = "Devin Bjelland"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {
'brute',
'intrusive',

1
scripts/ssh-publickey-acceptance.nse
View File

@@ -33,6 +33,7 @@ see if the target ssh server accepts them for publickey authentication. If no ke
author = "Devin Bjelland"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"auth", "intrusive"}
local privatekeys = stdnse.get_script_args "ssh.privatekeys"
local usernames = stdnse.get_script_args "ssh.usernames"