From ea1556c04a8eb50a0729b14bfe846a80a7e58749 Mon Sep 17 00:00:00 2001 From: dmiller Date: Wed, 14 Jun 2017 21:22:52 +0000 Subject: [PATCH] Add some cross-references to NSEdoc for recent scripts --- scripts/http-cookie-flags.nse | 1 + scripts/http-headers.nse | 2 ++ scripts/smb-double-pulsar-backdoor.nse | 2 ++ scripts/smb-vuln-ms17-010.nse | 24 +++++++++++++----------- 4 files changed, 18 insertions(+), 11 deletions(-) diff --git a/scripts/http-cookie-flags.nse b/scripts/http-cookie-flags.nse index 7d8ca57bb..84872fd40 100644 --- a/scripts/http-cookie-flags.nse +++ b/scripts/http-cookie-flags.nse @@ -55,6 +55,7 @@ by it will be checked in addition to the root. -- -- -- @see http-enum.nse +-- @see http-security-headers.nse categories = { "default", "safe", "vuln" } author = "Steve Benson" diff --git a/scripts/http-headers.nse b/scripts/http-headers.nse index e6eb9aa33..60890fed2 100644 --- a/scripts/http-headers.nse +++ b/scripts/http-headers.nse @@ -24,6 +24,8 @@ Performs a HEAD request for the root folder ("/") of a web server and displays t -- --@args path The path to request, such as /index.php. Default /. --@args useget Set to force GET requests instead of HEAD. +-- +--@see http-security-headers.nse author = "Ron Bowes" diff --git a/scripts/smb-double-pulsar-backdoor.nse b/scripts/smb-double-pulsar-backdoor.nse index a7df03894..819fe0a57 100644 --- a/scripts/smb-double-pulsar-backdoor.nse +++ b/scripts/smb-double-pulsar-backdoor.nse @@ -14,6 +14,8 @@ https://github.com/countercept/doublepulsar-detection-script --- -- @usage nmap -p 445 --script=smb-double-pulsar-backdoor -- +-- @see smb-vuln-ms17-010.nse +-- -- @output -- | smb-double-pulsar-backdoor: -- | VULNERABLE: diff --git a/scripts/smb-vuln-ms17-010.nse b/scripts/smb-vuln-ms17-010.nse index b9b22c239..4a736b520 100644 --- a/scripts/smb-vuln-ms17-010.nse +++ b/scripts/smb-vuln-ms17-010.nse 
@@ -5,7 +5,7 @@ local string = require "string" description = [[ Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code - execution vulnerability (ms17-010). + execution vulnerability (ms17-010, a.k.a. EternalBlue). The script connects to the $IPC tree, executes a transaction on FID 0 and checks if the error "STATUS_INSUFF_SERVER_RESOURCES" is returned to @@ -18,7 +18,7 @@ References: * https://technet.microsoft.com/en-us/library/security/ms17-010.aspx * https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ * https://msdn.microsoft.com/en-us/library/ee441489.aspx -* https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_ms17_010.rb +* https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_ms17_010.rb * https://github.com/cldrn/nmap-nse-scripts/wiki/Notes-about-smb-vuln-ms17-010 ]] @@ -26,9 +26,11 @@ References: -- @usage nmap -p445 --script smb-vuln-ms17-010 -- @usage nmap -p445 --script vuln -- +-- @see smb-double-pulsar-backdoor.nse +-- -- @output -- Host script results: --- | smb-vuln-ms17-010: +-- | smb-vuln-ms17-010: -- | VULNERABLE: -- | Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010) -- | State: VULNERABLE @@ -36,7 +38,7 @@ References: -- | Risk factor: HIGH -- | A critical remote code execution vulnerability exists in Microsoft SMBv1 -- | servers (ms17-010). --- | +-- | -- | Disclosure date: 2017-03-14 -- | References: -- | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143 @@ -114,9 +116,9 @@ local function check_ms17010(host, port, sharename) 0x0, -- 0x0700, -- BCC (Length of "\PIPE\") 0x5c50, -- \P - 0x4950, -- IP + 0x4950, -- IP 0x455c -- E\ - ) + ) stdnse.debug2("SMB: Sending SMB_COM_TRANSACTION") result, err = smb.smb_send(smbstate, smb_header, smb_params, '', overrides) if(result == false) then 
@@ -130,12 +132,12 @@ local function check_ms17010(host, port, sharename) stdnse.debug1("Valid SMB_COM_TRANSACTION response received") --STATUS_INSUFF_SERVER_RESOURCES indicate that the machine is not patched - if err == 0xc0000205 then + if err == 0xc0000205 then stdnse.debug1("STATUS_INSUFF_SERVER_RESOURCES response received") return true elseif err == 0xc0000022 then stdnse.debug1("STATUS_ACCESS_DENIED response received. This system is likely patched.") - return false, "This system is patched." + return false, "This system is patched." elseif err == 0xc0000008 then stdnse.debug1("STATUS_INVALID_HANDLE response received. This system is likely patched.") return false, "This system is patched." @@ -157,10 +159,10 @@ action = function(host,port) description = [[ A critical remote code execution vulnerability exists in Microsoft SMBv1 servers (ms17-010). -]], + ]], references = { - 'https://technet.microsoft.com/en-us/library/security/ms17-010.aspx', - 'https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/' + 'https://technet.microsoft.com/en-us/library/security/ms17-010.aspx', + 'https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/' }, dates = { disclosure = {year = '2017', month = '03', day = '14'},
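Review bot: The STATUS_ACCESS_DENIED (0xc0000022) and STATUS_INVALID_HANDLE (0xc0000008) branches return the definite message `"This system is patched."`, while the debug lines directly above them only say "likely patched". The cleanup in this hunk touches one of those return lines but leaves the wording as it was. If that second return value reaches the report, an operator may read an inconclusive status as confirmation that the host is fixed; these statuses can presumably also come from causes unrelated to patch level. I would use `return false, "This system is likely patched."` in both branches so the result matches what the check can actually establish. check_ms17010 starts and ends outside this hunk.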
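Review bot: Indenting the closing `]],` of the `description` long string in the vuln table is not a whitespace-only change, because everything before the closing brackets of a Lua `[[ ]]` literal is part of the string. The description text now ends with a newline followed by the indentation spaces. How the report formatter treats that trailing whitespace is not visible here, but it could appear as an extra blank line in the output. To keep the literal's content unchanged, leave `]],` at column 0 or close the string on the text line, e.g. `servers (ms17-010).]],`. The vuln table begins and ends outside this hunk.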