From c6f42909e2a04b6191c5e3f4b1eb9e88695cf068 Mon Sep 17 00:00:00 2001 From: dmiller Date: Wed, 27 Sep 2017 19:05:44 +0000 Subject: [PATCH] Update docs for smb-psexec since nmap_service.exe is not distributed any more. Closes #1019 --- nselib/data/psexec/README | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/nselib/data/psexec/README b/nselib/data/psexec/README index 227cb84cb..3f0ede1da 100644 --- a/nselib/data/psexec/README +++ b/nselib/data/psexec/README @@ -8,15 +8,8 @@ It is uploaded to the remote host and runs the programs it's directed to run, redirecting their output to a file. This file is then downloaded by the script and displayed to the user. -When Nmap released version 5.20, it was discovered that some over-zealous -antivirus software tagged this program as spyware[1]. For that reason, when -stored on the host machine, it is now encoded by xoring every byte of the -file with 0xFF. When uploaded to a target machine, it is decoded in-stream. -This prevents programs on the host machine from tagging it as malicious, but -does not prevent the target from detecting it (which is arguably a good thing). - -The encoder.c program reads a program from stdin, encodes it by xoring with -0xFF, and writes it to stdout. - -[1] http://seclists.org/nmap-dev/2010/q1/198 - +Because nmap_service.exe is tagged as spyware by some antivirus software, it is +no longer distributed together with nmap. You can download it from +https://nmap.org/psexec/nmap_service.exe or compile it from the provided +sources. The smb-psexec.nse script will remind you if you run it and +nmap_service.exe is not available.