PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 20:51:30 +00:00
Code Issues Projects Releases Wiki Activity

Updates script to detect other vulnerable services and removes useless redirection ports from the execution rule. See GH#876

Browse Source
This commit is contained in:
paulino
2017-05-09 17:24:55 +00:00
parent edbb4c90ed
commit c51c0b6e86
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/http-vuln-cve2017-5689.nse
View File

@@ -80,7 +80,7 @@ author = "Andrew Orr"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = { "vuln", "auth", "exploit" }
portrule = shortport.port_or_service({623, 664, 16992, 16993, 16994, 16995}, "amt-soap-http")
portrule = shortport.port_or_service({623, 664, 16992, 16993}, "amt-soap-http")
action = function(host, port)
local vuln = {
@@ -108,7 +108,7 @@ digest parameter.
local vuln_report = vulns.Report:new(SCRIPT_NAME, host, port)
local response = http.get(host, port, '/index.htm')
if response.header['server'] and response.header['server']:find('Intel(R) Active Management Technology', 1, true)
if response.header['server'] and response.header['server']:find('Intel(R)', 1, true)
and response.status and response.status == 401 then
local www_authenticate = http.parse_www_authenticate(response.header['www-authenticate'])
local auth_header = string.format("Digest username=\"admin\", realm=\"%s\", nonce=\"%s\", uri=\"index.htm\"," ..