Document some undocumented script-args.

2025-12-06 04:31:29 +00:00 · 2015-11-25 03:01:29 +00:00
parent 46388d28db
commit 856b90337a
10 changed files with 18 additions and 3 deletions
--- a/scripts/ajp-brute.nse
+++ b/scripts/ajp-brute.nse
@@ -25,6 +25,7 @@ back-end Java application server containers.
 -- |   Statistics
 -- |_    Performed 1946 guesses in 23 seconds, average tps: 82
 --
+-- @args ajp-brute.path URL path to request. Default: /

 author = "Patrik Karlsson"
 license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
--- a/scripts/hadoop-jobtracker-info.nse
+++ b/scripts/hadoop-jobtracker-info.nse
@@ -24,6 +24,8 @@ Information gathered:
 -- @usage
 -- nmap --script hadoop-jobtracker-info [--script-args=hadoop-jobtracker-info.userinfo] -p 50030 host
 --
+-- @args hadoop-jobtracker-info.userinfo Retrieve user history info. Default: false
+--
 -- @output
 -- 50030/tcp open  hadoop-jobtracker
 -- | hadoop-jobtracker-info:
--- a/scripts/http-feed.nse
+++ b/scripts/http-feed.nse
@@ -76,6 +76,7 @@ end

 action = function(host, port)

+  --TODO: prefix this with SCRIPT_NAME and document it.
  local maxpagecount = stdnse.get_script_args("maxpagecount") or 40

  local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME,
--- a/scripts/http-git.nse
+++ b/scripts/http-git.nse
@@ -26,6 +26,8 @@ message, and repository description.
 -- |   127.0.0.1:80/damagedrepository/.git/
 -- |_    Potential Git repository found (found 2/6 expected files)
 --
+-- @args http-git.root URL path to search for a .git directory. Default: /
+--
 -- @xmloutput
 -- <table key="127.0.0.1:80/.git/">
 --   <table key="remotes">
--- a/scripts/http-vuln-wnr1000-creds.nse
+++ b/scripts/http-vuln-wnr1000-creds.nse
@@ -15,6 +15,7 @@ Vulnerability discovered by c1ph04.
 ---
 -- @usage
 -- nmap -sV --script http-vuln-wnr1000-creds <target> -p80
+-- @args http-vuln-wnr1000-creds.uri URI path where the passwordrecovered.cgi script can be found. Default: /
 -- @output
 -- PORT   STATE SERVICE REASON
 -- 80/tcp open  http    syn-ack
--- a/scripts/iscsi-brute.nse
+++ b/scripts/iscsi-brute.nse
@@ -9,6 +9,7 @@ Performs brute force password auditing against iSCSI targets.
 ]]

 ---
+-- @args iscsi-brute.target iSCSI target to brute-force.
 -- @output
 -- PORT     STATE SERVICE
 -- 3260/tcp open  iscsi   syn-ack
--- a/scripts/knx-gateway-discover.nse
+++ b/scripts/knx-gateway-discover.nse
@@ -25,9 +25,7 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
 categories = {"discovery", "safe", "broadcast"}

 ---
--@args
-- timeout Max time to wait for a response. (default 3s)
-- newtargets Add found gateways to target list
+--@args timeout Max time to wait for a response. (default 3s)
 --
 --@usage
 -- nmap --script knx-gateway-discover -e eth0
--- a/scripts/mongodb-brute.nse
+++ b/scripts/mongodb-brute.nse
@@ -14,6 +14,8 @@ Performs brute force password auditing against the MongoDB database.
 -- @usage
 -- nmap -p 27017 <ip> --script mongodb-brute
 --
+-- @args mongodb-brute.db Database against which to check. Default: admin
+--
 -- @output
 -- PORT      STATE SERVICE
 -- 27017/tcp open  mongodb
--- a/scripts/mongodb-info.nse
+++ b/scripts/mongodb-info.nse
@@ -12,6 +12,9 @@ Attempts to get build info and server status from a MongoDB database.
 ---
 -- @usage
 -- nmap -p 27017 --script mongodb-info <host>
+--
+-- @args mongodb-info.db Database to check. Default: admin
+--
 -- @output
 -- PORT      STATE SERVICE REASON
 -- 27017/tcp open  unknown syn-ack
--- a/scripts/ms-sql-dump-hashes.nse
+++ b/scripts/ms-sql-dump-hashes.nse
@@ -17,6 +17,10 @@ discovered by other scripts.
 -- @usage
 -- nmap -p 1433 <ip> --script ms-sql-dump-hashes
 --
+-- @args ms-sql-dump-hashes.dir Dump hashes to a file in this directory. File
+--                              name is <ip>_<instance>_ms-sql_hashes.txt.
+--                              Default: no file is saved.
+--
 -- @output
 -- PORT     STATE SERVICE
 -- 1433/tcp open  ms-sql-s