From f88bb76726f55e03439b97b23ef08c58d294a6e7 Mon Sep 17 00:00:00 2001 From: gorjan Date: Fri, 3 Jun 2011 14:41:44 +0000 Subject: [PATCH] Updated todo list. --- todo/gorjan.txt | 82 +++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 70 insertions(+), 12 deletions(-) diff --git a/todo/gorjan.txt b/todo/gorjan.txt index 60d0d1b9c..f8d9bc1e3 100644 --- a/todo/gorjan.txt +++ b/todo/gorjan.txt 
@@ -1,25 +1,83 @@ -== - -GSoC 2011 participation: - -* Discovery and miscelaneous script specialist - -== +===== +GSoC 2011 participation: Discovery and miscelaneous script specialist +===== Work in progress: * ip-geolocation method research and script development -== +===== ToDo: * broadcast-ping.nse - * Selection of discovery script candidates +* Set up virtual machine so I don't install servers localy (Arch?) -== +===== -Maybe: +Maybe (the ones with ** aren't on the Script_Ideas Page yet) -== +** faceniff-discovery +http://faceniff.ponury.net/ +Try if Faceniff can be detected using similar methods to firesheep + +** targets-lltd (and perhaps otherscripts) +** lltd-info (?) +http://en.wikipedia.org/wiki/Link_Layer_Topology_Discovery + +** targets-lldp +http://en.wikipedia.org/wiki/Link_Layer_Discovery_Protocol + +** disjunctive-traceroute + target add +http://ccr.sigcomm.org/online/?q=node/398 + +* firesheep-discovery +http://research.zscaler.com/2010/11/detecting-firesheep.html + +* Bonjour / mdns / llmnr etc. +(DNS protocols support) + backscatter into dns scripts where applicable + +* targets-asn +John Bond is working on this. It's called asn-to-prefixes. Perhaps I could +review it, asist so it makes its way to the library faster? On the other hand +there already are a couple of people assisting. + +* targets-dhcp +dhcp-discover as a prerule, so it doesn't run by default. But it doesn't run by +default. It's discovery, intrusive, but not default. Maybe just add the prerule +there, and some way of forcibly initiating the prerule (like an argument). + +* imap-brute +The library will need to be extended. + +* hnap-info +* hnap-auth-bypass +A nice hnap library would be fitting, that will make these scripts a breeze. +I'd need testing equipment, or some :S implementation. 
+ +* snmp-brute port to brute framework +There are a couple of default passwords that snmp-brute uses atm which should be +considered even when it's the brute.lua is used + +* pop-brute port to brute fraework + +* vuze-dht-version +* bittorrent-dht-nodes +* bgpmon-info +* Nbstat.nse -> change to using a broadcast prerule +* SSL renegotiation +* soap.lua +* xmlrpc.lua + +===== + +Completed: + +* snmp-interfaces patch related to mac-geolocation +* mac-geolocation +* stdnse.lua: in_port_range() +* backorifice-brute +* backorifice-info + +===== \ No newline at end of file
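Review bot: the targets-dhcp item contradicts itself ("dhcp-discover as a prerule, so it doesn't run by default. But it doesn't run by default."); one of the two sentences should say what the prerule is actually meant to change, since the following line already records that the script is categorised discovery and intrusive but not default. The added lines also carry typos worth fixing while the list is being reworked: "miscelaneous" in the heading, "localy" in the virtual-machine item, "asist" in the targets-asn note, and "fraework" in the pop-brute item. Finally, the new version of the file ends with "\ No newline at end of file"; a trailing newline after the last "=====" avoids a noisy diff on the next edit.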