Apply a patch from Toni Ruottu with some small misc. improvements to the netbus-* scripts. Also I changed netbus-auth-bypass to the safe category as recommended by Toni

scripts/netbus-auth-bypass.nse

@@ -10,13 +10,16 @@ and login to the service by typing Password;1; into the console.
 ]]
 
 ---
+-- @usage
+-- nmap -p 12345 --script netbus-auth-bypass <target>
+--
 -- @output
 -- 12345/tcp open  netbus
 -- |_netbus-auth-bypass: Vulnerable
 
 author = "Toni Ruottu"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"auth", "intrusive", "vuln"}
+categories = {"auth", "safe", "vuln"}
 
 require("nmap")
 require("stdnse")
@@ -50,6 +53,6 @@ action = function( host, port )
 	if buffer() == "Access;1" then
 		return "Vulnerable"
 	end
-	return
+	return "Not vulnerable, but password is empty"
 end
 

scripts/netbus-brute.nse

@@ -3,6 +3,9 @@ Performs brute force password auditing about the Netbus backdoor ("remote admini
 ]]
 
 ---
+-- @usage
+-- nmap -p 12345 --script netbus-brute <target>
+--
 -- @output
 -- 12345/tcp open  netbus
 -- |_netbus-brute: password123
@@ -36,13 +39,18 @@ action = function( host, port )
 		local login = buffer()
 		if login == "Access;1" then
 			-- Store the password for other netbus scripts
-			nmap.registry.netbuspassword=password
-
+			local key = string.format("%s:%d", host.ip, port.number)
+			if not nmap.registry.netbuspasswords then
+				nmap.registry.netbuspasswords = {}
+			end
+			nmap.registry.netbuspasswords[key] = password
+			if password == "" then
+				return "<empty>"
+			end
 			return string.format("%s", password)
 		end
 	end
 	socket:close()
-
 end
 
 

scripts/netbus-info.nse

@@ -18,6 +18,9 @@ and an smtp-server used for notification delivery.
 ]]
 
 ---
+-- @usage
+-- nmap -p 12345 --script netbus-info <target> --script-args netbus-info.password=<password>
+--
 -- @output
 -- 12345/tcp open  netbus
 -- | netbus-info:   
@@ -41,6 +44,8 @@ and an smtp-server used for notification delivery.
 -- |     Wave: 0
 -- |     Synth: 0
 -- |_    Cd: 0
+--
+-- @args netbus-info.password The password used for authentication
 
 author = "Toni Ruottu"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
@@ -123,12 +128,14 @@ local function format_volume(volume)
 end
 
 action = function( host, port )
-
-	local password = nmap.registry.netbuspassword
-	if password == nil then
-		password = ""		 
+	local password = nmap.registry.args[SCRIPT_NAME .. ".password"]
+	if not password and nmap.registry.netbuspasswords then
+		local key = string.format("%s:%d", host.ip, port.number)
+		password = nmap.registry.netbuspasswords[key]
+	end
+	if not password then
+		password = ""
 	end
-
 	local socket = nmap.new_socket()
 	socket:set_timeout(5000)
 	local status, err = socket:connect(host.ip, port.number)
@@ -153,7 +160,6 @@ action = function( host, port )
 	socket:close()
 
 	local response = {}
-	table.insert(response, "")
 	table.insert(response, format_acl(acl))
 	table.insert(response, format_apps(apps))
 	table.insert(response, format_info(info))

scripts/netbus-version.nse

@@ -4,6 +4,9 @@ that mimes NetBus.
 ]]
 
 ---
+-- @usage
+-- nmap -sV -p 12345 --script netbus-version <target>
+--
 -- @output
 -- 12345/tcp open  netbus  Netbuster (honeypot)
 
@@ -15,7 +18,7 @@ require("nmap")
 require("stdnse")
 require("shortport")
 
-portrule = shortport.version_port_or_service (12345, "netbus", {"tcp"})
+portrule = shortport.version_port_or_service ({}, "netbus", {"tcp"})
 
 action = function( host, port )