Updated documentation for scripts.

scripts/SSLv2-support.nse

@@ -1,5 +1,17 @@
+--- Determines if the target server supports SSL-v2 and what cyphers it
+-- supports.
+--@ouput
+-- 443/tcp open   https   syn-ack\n
+-- |  SSLv2: server still supports SSLv2\n
+-- |       SSL2_RC4_128_WITH_MD5\n
+-- |       SSL2_DES_192_EDE3_CBC_WITH_MD5\n
+-- |       SSL2_RC2_CBC_128_CBC_WITH_MD5\n
+-- |       SSL2_DES_64_CBC_WITH_MD5\n
+-- |       SSL2_RC4_128_EXPORT40_WITH_MD5\n
+-- |_      SSL2_RC2_CBC_128_CBC_WITH_MD5\n
+
 id = "SSLv2"
-description = "determines whether the server (still) supports SSL-v2, and what cyphers it offers."
+description = "Determines whether the server (still) supports SSL-v2, and what cyphers it offers."
 author = "Matt <mb2263@bristol.ac.uk>"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 

scripts/chargenTest.nse

@@ -1,3 +1,6 @@
+--- This script connects to a UDP chargen service and attempts to read
+-- some data.
+
 id = "Chargen"
 
 description = "Connects to the UDP chargen service and tries to read some bytes"

scripts/ircZombieTest.nse

@@ -1,3 +1,5 @@
+--- Checks if the target is an IRC zombie.
+
 id = "IRC zombie"
 
 description = "If port 113 responds before we ask it then something is fishy.\

scripts/robots.nse

@@ -1,3 +1,16 @@
+---
+--@output
+-- 80/tcp  open   http    syn-ack\n
+-- |  robots.txt: has 156 disallowed entries (40 shown)\n
+-- |  /news?output=xhtml& /search /groups /images /catalogs\n
+-- |  /catalogues /news /nwshp /news?btcid=*& /news?btaid=*&\n
+-- |  /setnewsprefs? /index.html? /? /addurl/image? /pagead/ /relpage/\n
+-- |  /relcontent /sorry/ /imgres /keyword/ /u/ /univ/ /cobrand /custom\n
+-- |  /advanced_group_search /googlesite /preferences /setprefs /swr /url /default\n
+-- |  /m? /m/? /m/lcb /m/news? /m/setnewsprefs? /m/search? /wml?\n
+-- |_ /wml/? /wml/search?\n
+
+
 require('shortport')
 require('strbuf')
 require('http')

scripts/showHTMLTitle.nse

@@ -1,5 +1,8 @@
--- dvt <diman.todorov@gmail.com>
+---
--- Same as Nmap--See http://nmap.org/book/man-legal.html
+--@output
+-- 80/tcp  open   http    syn-ack\n
+-- |_ HTML title: Foo.\n
+--@copyright Same as Nmap--See http://nmap.org/book/man-legal.html
 
 id = "HTML title"
 

scripts/showOwner.nse

@@ -1,3 +1,8 @@
+--- Queries the owner of a service on a scanned port. Uses port 113 to
+-- make the query.
+--@output
+--
+
 id = "Service owner"
 
 description = "Opens a connection to the scanned port, opens a connection to port 113, queries the owner\

scripts/showSMTPVersion.nse

@@ -1,3 +1,8 @@
+--- Queries the version of an SMTP server.
+--@output
+-- 25/tcp open  smtp
+-- |_ SMTP version: 220 mail.foo.com mx-2.bar.com ESMTP Exim 4.64
+
 id = "SMTP version"
 
 description = "Simple script which queries and prints the version of an SMTP server."

scripts/showSSHVersion.nse

@@ -1,3 +1,9 @@
+--- Queries the version from an SSH Server. This typically does not result
+-- in any logs of the connection being made.
+--@output
+-- 22/tcp  open   ssh\n
+-- |_ Stealth SSH version: SSH-2.0-OpenSSH_3.9p1\n
+
 id = "Stealth SSH version"
 
 description = "Connects to an SSH server, queries the version string and echos it back. This tends to result\

scripts/strangeSMTPport.nse

@@ -1,3 +1,10 @@
+--- Checks if SMTP is running on a non-standard port. This usually indicates
+-- crackers or script kiddies have set up a backdoor on the system
+-- to send spam or control your machine.
+--@output
+-- 22/tcp  open   ssh\n
+-- |_ Warning: smtp is running on a strange port.\n
+
 id = "Unexpected SMTP"
 
 description = "\

scripts/xamppDefaultPass.nse

@@ -1,3 +1,10 @@
+--- Checks if the remote host is running XAMP or XAMPP's FTP server
+-- allows access with nobody/xampp. XAMP is an Apache distribution
+-- designed for easy installation and administration.
+-- @output
+-- 21/tcp  open   ftp\n
+-- |_ Login success with u/p: foo/bar\n
+
 id = "XAMPP default pwd"
 
 description = "If the remote host is running XAMP (an Apache distribution\