diff --git a/scripts/hadoop-datanode-info.nse b/scripts/hadoop-datanode-info.nse
index 456e56234..02b584ef0 100644
--- a/scripts/hadoop-datanode-info.nse
+++ b/scripts/hadoop-datanode-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop DataNode HTTP status page.
+Discovers information such as log directories from an Apache Hadoop DataNode HTTP status page.
 
 Information gathered:
 * Log directory (relative to http://host:port/)
diff --git a/scripts/hadoop-jobtracker-info.nse b/scripts/hadoop-jobtracker-info.nse
index 9c3be41d3..6440e796d 100644
--- a/scripts/hadoop-jobtracker-info.nse
+++ b/scripts/hadoop-jobtracker-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop JobTracker HTTP status page.
+Retrieves information from an Apache Hadoop JobTracker HTTP status page.
 
 Information gathered:
 * State of the JobTracker.
diff --git a/scripts/hadoop-namenode-info.nse b/scripts/hadoop-namenode-info.nse
index 251f46a2d..4c7284aec 100644
--- a/scripts/hadoop-namenode-info.nse
+++ b/scripts/hadoop-namenode-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop NameNode HTTP status page.
+Retrieves information from an Apache Hadoop NameNode HTTP status page.
 
 Information gathered:
 * Date/time the service was started
diff --git a/scripts/hadoop-secondary-namenode-info.nse b/scripts/hadoop-secondary-namenode-info.nse
index f0bb07793..f03cee238 100644
--- a/scripts/hadoop-secondary-namenode-info.nse
+++ b/scripts/hadoop-secondary-namenode-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop secondary NameNode HTTP status page.
+Retrieves information from an Apache Hadoop secondary NameNode HTTP status page.
 
 Information gathered:
 * Date/time the service was started
diff --git a/scripts/hadoop-tasktracker-info.nse b/scripts/hadoop-tasktracker-info.nse
index ebba03c93..0d3bde417 100644
--- a/scripts/hadoop-tasktracker-info.nse
+++ b/scripts/hadoop-tasktracker-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop TaskTracker HTTP status page.
+Retrieves information from an Apache Hadoop TaskTracker HTTP status page.
 
 Information gathered:
 * Hadoop version
diff --git a/scripts/hbase-master-info.nse b/scripts/hbase-master-info.nse
index 71fa5cab9..ed78a9f58 100644
--- a/scripts/hbase-master-info.nse
+++ b/scripts/hbase-master-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache HBase master HTTP status page.
+Retrieves information from an Apache HBase (Hadoop database) master HTTP status page.
 
 Information gathered:
 * Hbase version
diff --git a/scripts/hbase-region-info.nse b/scripts/hbase-region-info.nse
index 0b80f316b..65f8bcb21 100644
--- a/scripts/hbase-region-info.nse
+++ b/scripts/hbase-region-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache HBase region server HTTP status page.
+Retrieves information from an Apache HBase (Hadoop database) region server HTTP status page.
 
 Information gathered:
 * HBase version
diff --git a/scripts/http-method-tamper.nse b/scripts/http-method-tamper.nse
index 3cc8f785c..af41a9730 100644
--- a/scripts/http-method-tamper.nse
+++ b/scripts/http-method-tamper.nse
@@ -1,5 +1,5 @@
 description = [[
-Checks if a JBoss target is vulnerable to jmx console authentication bypass.
+Checks whether a JBoss target is vulnerable to jmx console authentication bypass (CVE-2010-0738).
 It works by checking if the target paths require authentication or redirect to a login page that could be bypassed via a HEAD request. RFC 2616 specifies that the HEAD request should be treated exactly like GET but
diff --git a/scripts/http-vuln-cve2011-3368.nse b/scripts/http-vuln-cve2011-3368.nse
index 5fe42265f..f2d649ef5 100644
--- a/scripts/http-vuln-cve2011-3368.nse
+++ b/scripts/http-vuln-cve2011-3368.nse
@@ -1,9 +1,12 @@
 description = [[
-Check against CVE-2011-3368 "Reverse Proxy Bypass", as described by http://www.contextis.com/research/blog/reverseproxybypass/
+Checks for the CVE-2011-3368 (Reverse Proxy Bypass) vulnerability in Apache HTTP server's reverse proxy mode.
 The script will run 3 tests:
 o the loopback test, with 3 payloads to handle different rewrite rules
 o the internal hosts test. According to Contextis, we expect a delay before a server error.
 o The external website test. This does not mean that you can reach a LAN ip, but this is a relevant issue anyway.
+
+References:
+ * http://www.contextis.com/research/blog/reverseproxybypass/
 ]]
 
 ---
diff --git a/scripts/irc-botnet-channels.nse b/scripts/irc-botnet-channels.nse
index 58f09cb56..fafc5bacb 100644
--- a/scripts/irc-botnet-channels.nse
+++ b/scripts/irc-botnet-channels.nse
@@ -1,5 +1,5 @@
 description = [[
-Checks an IRC server for channels that may be used by botnets.
+Checks an IRC server for channels that are commonly used by malicious botnets.
 Control the list of channel names with the irc-botnet-channels.channels script argument. The default list of channels is
diff --git a/scripts/reverse-index.nse b/scripts/reverse-index.nse
index 24beed829..ef3bd6e1c 100644
--- a/scripts/reverse-index.nse
+++ b/scripts/reverse-index.nse
@@ -1,6 +1,5 @@
 description = [[
-This script creates a reverse index showing which hosts run a particular
-service rather than just listing the services on each host.
+Creates a reverse index at the end of scan output showing which hosts run a particular service. This is in addition to Nmap's normal output listing the services on each host.
 ]]
 
 ---
diff --git a/scripts/rexec-brute.nse b/scripts/rexec-brute.nse
index ba9638a55..180d21a25 100644
--- a/scripts/rexec-brute.nse
+++ b/scripts/rexec-brute.nse
@@ -1,5 +1,5 @@
 description=[[
-Performs password guessing against the rexec service.
+Performs brute force password auditing against the classic UNIX rexec (remote exec) service.
 ]]
 
 ---
diff --git a/scripts/rlogin-brute.nse b/scripts/rlogin-brute.nse
index 2601c2a26..7dea43a09 100644
--- a/scripts/rlogin-brute.nse
+++ b/scripts/rlogin-brute.nse
@@ -1,6 +1,5 @@
 description=[[
-Performs password guessing against the rlogin service
-The script needs to be run in privileged mode.
+Performs brute force password auditing against the classic UNIX rlogin (remote login) service. This script must be run in privileged mode on UNIX because it must bind to a low source port number.
 ]]
 
 ---
diff --git a/scripts/unusual-port.nse b/scripts/unusual-port.nse
index ec8d2a8dc..6159794ec 100644
--- a/scripts/unusual-port.nse
+++ b/scripts/unusual-port.nse
@@ -1,7 +1,9 @@
 description = [[
-Compares the detected service on a port against the expected service and
-reports deviations. The script requires that a version scan has been run in
-order to be able to discover what service is running on each port.
+Compares the detected service on a port against the expected service
+for that port number (e.g. ssh on 22, http on 80) and reports
+deviations. The script requires that a version scan has been run in
+order to be able to discover what service is actually running on each
+port.
 ]]
 
 ---