Minor updates to description text

2026-01-17 20:09:02 +00:00 · 2011-12-29 10:54:55 +00:00
parent 85345bb162
commit d13ae6cf25
14 changed files with 21 additions and 18 deletions
--- a/scripts/hadoop-datanode-info.nse
+++ b/scripts/hadoop-datanode-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop DataNode HTTP status page.
+Discovers information such as log directories from an Apache Hadoop DataNode HTTP status page.

 Information gathered:
 * Log directory (relative to http://host:port/)
--- a/scripts/hadoop-jobtracker-info.nse
+++ b/scripts/hadoop-jobtracker-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop JobTracker HTTP status page.
+Retrieves information from an Apache Hadoop JobTracker HTTP status page.

 Information gathered:
 * State of the JobTracker.
--- a/scripts/hadoop-namenode-info.nse
+++ b/scripts/hadoop-namenode-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop NameNode HTTP status page.
+Retrieves information from an Apache Hadoop NameNode HTTP status page.

 Information gathered:
 * Date/time the service was started
--- a/scripts/hadoop-secondary-namenode-info.nse
+++ b/scripts/hadoop-secondary-namenode-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop secondary NameNode HTTP status page.
+Retrieves information from an Apache Hadoop secondary NameNode HTTP status page.

 Information gathered:
 * Date/time the service was started
--- a/scripts/hadoop-tasktracker-info.nse
+++ b/scripts/hadoop-tasktracker-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache Hadoop TaskTracker HTTP status page.
+Retrieves information from an Apache Hadoop TaskTracker HTTP status page.

 Information gathered:
 * Hadoop version
--- a/scripts/hbase-master-info.nse
+++ b/scripts/hbase-master-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache HBase master HTTP status page.
+Retrieves information from an Apache HBase (Hadoop database) master HTTP status page.

 Information gathered:
 * Hbase version
--- a/scripts/hbase-region-info.nse
+++ b/scripts/hbase-region-info.nse
@@ -1,5 +1,5 @@
 description = [[
-Gets information from an Apache HBase region server HTTP status page.
+Retrieves information from an Apache HBase (Hadoop database) region server HTTP status page.

 Information gathered:
 * HBase version
--- a/scripts/http-method-tamper.nse
+++ b/scripts/http-method-tamper.nse
@@ -1,5 +1,5 @@
 description = [[
-Checks if a JBoss target is vulnerable to jmx console authentication bypass.
+Checks whether a JBoss target is vulnerable to jmx console authentication bypass (CVE-2010-0738).

 It works by checking if the target paths require authentication or redirect to a login page that could be
 bypassed via a HEAD request. RFC 2616 specifies that the HEAD request should be treated exactly like GET but
--- a/scripts/http-vuln-cve2011-3368.nse
+++ b/scripts/http-vuln-cve2011-3368.nse
@@ -1,9 +1,12 @@
 description = [[
-Check against CVE-2011-3368 "Reverse Proxy Bypass", as described by http://www.contextis.com/research/blog/reverseproxybypass/
+Checks for the CVE-2011-3368 (Reverse Proxy Bypass) vulnerability in Apache HTTP server's reverse proxy mode.
 The script will run 3 tests:
 o the loopback test, with 3 payloads to handle different rewrite rules
 o the internal hosts test. According to Contextis, we expect a delay before a server error.
 o The external website test. This does not mean that you can reach a LAN ip, but this is a relevant issue anyway.
+
+References:
+ * http://www.contextis.com/research/blog/reverseproxybypass/
 ]]

 ---
--- a/scripts/irc-botnet-channels.nse
+++ b/scripts/irc-botnet-channels.nse
@@ -1,5 +1,5 @@
 description = [[
-Checks an IRC server for channels that may be used by botnets.
+Checks an IRC server for channels that are commonly used by malicious botnets.

 Control the list of channel names with the <code>irc-botnet-channels.channels</code>
 script argument. The default list of channels is
--- a/scripts/reverse-index.nse
+++ b/scripts/reverse-index.nse
@@ -1,6 +1,5 @@
 description = [[
-This script creates a reverse index showing which hosts run a particular
-service rather than just listing the services on each host.
+Creates a reverse index at the end of scan output showing which hosts run a particular service.  This is in addition to Nmap's normal output listing the services on each host.
 ]]

 ---
--- a/scripts/rexec-brute.nse
+++ b/scripts/rexec-brute.nse
@@ -1,5 +1,5 @@
 description=[[
-Performs password guessing against the rexec service.
+Performs brute force password auditing against the classic UNIX rexec (remote exec) service.
 ]]

 ---
--- a/scripts/rlogin-brute.nse
+++ b/scripts/rlogin-brute.nse
@@ -1,6 +1,5 @@
 description=[[
-Performs password guessing against the rlogin service
-The script needs to be run in privileged mode.
+Performs brute force password auditing against the classic UNIX rlogin (remote login) service.  This script must be run in privileged mode on UNIX because it must bind to a low source port number.
 ]]

 ---
--- a/scripts/unusual-port.nse
+++ b/scripts/unusual-port.nse
@@ -1,7 +1,9 @@
 description = [[
-Compares the detected service on a port against the expected service and
-reports deviations. The script requires that a version scan has been run in
-order to be able to discover what service is running on each port.
+Compares the detected service on a port against the expected service
+for that port number (e.g. ssh on 22, http on 80) and reports
+deviations. The script requires that a version scan has been run in
+order to be able to discover what service is actually running on each
+port.
 ]]

 ---