Add some cross-references to NSEdoc for recent scripts

2025-12-07 05:01:29 +00:00 · 2017-06-14 21:22:52 +00:00
parent 78f650b5e5
commit ea1556c04a
4 changed files with 18 additions and 11 deletions
--- a/scripts/http-cookie-flags.nse
+++ b/scripts/http-cookie-flags.nse
@@ -55,6 +55,7 @@ by it will be checked in addition to the root.
 -- </table>
 --
 -- @see http-enum.nse
 -- @see http-security-headers.nse
 categories = { "default", "safe", "vuln" }
 author = "Steve Benson"
--- a/scripts/http-headers.nse
+++ b/scripts/http-headers.nse
@@ -24,6 +24,8 @@ Performs a HEAD request for the root folder ("/") of a web server and displays t
 --
 --@args path The path to request, such as <code>/index.php</code>. Default <code>/</code>.
 --@args useget Set to force GET requests instead of HEAD.
 --
 --@see http-security-headers.nse
 author = "Ron Bowes"
--- a/scripts/smb-double-pulsar-backdoor.nse
+++ b/scripts/smb-double-pulsar-backdoor.nse
@@ -14,6 +14,8 @@ https://github.com/countercept/doublepulsar-detection-script
 ---
 -- @usage nmap -p 445 <target> --script=smb-double-pulsar-backdoor
 --
 -- @see smb-vuln-ms17-010.nse
 --
 -- @output
 -- | smb-double-pulsar-backdoor:
 -- |   VULNERABLE:
--- a/scripts/smb-vuln-ms17-010.nse
+++ b/scripts/smb-vuln-ms17-010.nse
@@ -5,7 +5,7 @@ local string = require "string"
 description = [[
 Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code
- execution vulnerability (ms17-010). 
+ execution vulnerability (ms17-010, a.k.a. EternalBlue).
 The script connects to the $IPC tree, executes a transaction on FID 0 and
 checks if the error "STATUS_INSUFF_SERVER_RESOURCES" is returned to
@@ -26,6 +26,8 @@ References:
 -- @usage nmap -p445 --script smb-vuln-ms17-010 <target>
 -- @usage nmap -p445 --script vuln <target>
 --
 -- @see smb-double-pulsar-backdoor.nse
 --
 -- @output
 -- Host script results:
 -- | smb-vuln-ms17-010:
@@ -116,7 +118,7 @@ local function check_ms17010(host, port, sharename)
      0x5c50,  -- \P
      0x4950,  -- IP
      0x455c   -- E\
-    )
+      )
    stdnse.debug2("SMB: Sending SMB_COM_TRANSACTION")
    result, err = smb.smb_send(smbstate, smb_header, smb_params, '', overrides)
    if(result == false) then
@@ -135,7 +137,7 @@ local function check_ms17010(host, port, sharename)
        return true
      elseif err == 0xc0000022 then
        stdnse.debug1("STATUS_ACCESS_DENIED response received. This system is likely patched.")
-	return false, "This system is patched."
+        return false, "This system is patched."
      elseif err == 0xc0000008 then
        stdnse.debug1("STATUS_INVALID_HANDLE response received. This system is likely patched.")
        return false, "This system is patched."
@@ -157,10 +159,10 @@ action = function(host,port)
    description = [[
 A critical remote code execution vulnerability exists in Microsoft SMBv1
 servers (ms17-010).
-]],
+    ]],
    references = {
-    'https://technet.microsoft.com/en-us/library/security/ms17-010.aspx',
+      'https://technet.microsoft.com/en-us/library/security/ms17-010.aspx',
-    'https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/'
+      'https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/'
    },
    dates = {
      disclosure = {year = '2017', month = '03', day = '14'},