Moved a bunch of scripts to the "safe" category, and some others to "intrusive" after

discussion on nmap-dev about how best to handle these. I also updated the docs and am about to regenerate script.db. See this thread for more info: http://seclists.org/nmap-dev/2009/q3/1008.html
2025-12-27 09:59:04 +00:00 · 2009-10-01 19:07:16 +00:00
parent 8dfb8af45e
commit fea1ab7c39
17 changed files with 19 additions and 19 deletions
--- a/scripts/asn-query.nse
+++ b/scripts/asn-query.nse
@@ -36,7 +36,7 @@ server (your default DNS server, or whichever one you specified with the

 author = "jah, Michael"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"discovery", "external"}
+categories = {"discovery", "external", "safe"}
 runlevel = 1


--- a/scripts/auth-spoof.nse
+++ b/scripts/auth-spoof.nse
@@ -11,7 +11,7 @@ author = "Diman Todorov <diman.todorov@gmail.com>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"malware"}
+categories = {"malware", "safe"}

 require "comm"
 require "shortport"
--- a/scripts/daytime.nse
+++ b/scripts/daytime.nse
@@ -6,7 +6,7 @@ author = "Diman Todorov <diman.todorov@gmail.com>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"discovery"}
+categories = {"discovery", "safe"}

 require "comm"
 require "shortport"
--- a/scripts/dhcp-discover.nse
+++ b/scripts/dhcp-discover.nse
@@ -64,7 +64,7 @@ author = "Ron Bowes <ron@skullsecurity.net>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"default", "discovery"}
+categories = {"default", "discovery", "intrusive"}

 require 'bin'
 require 'bit'
--- a/scripts/finger.nse
+++ b/scripts/finger.nse
@@ -6,7 +6,7 @@ author = "Eddie Bell <ejlbell@gmail.com>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"default", "discovery"}
+categories = {"default", "discovery", "safe"}

 require "comm"
 require "shortport"
--- a/scripts/http-favicon.nse
+++ b/scripts/http-favicon.nse
@@ -20,7 +20,7 @@ author = "Vlatko Kosturjak <kost@linux.hr>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"default", "discovery"}
+categories = {"default", "discovery", "safe"}

 require "shortport"
 require "http"
--- a/scripts/http-headers.nse
+++ b/scripts/http-headers.nse
@@ -22,7 +22,7 @@ author = "Ron Bowes <ron@skullsecurity.org>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"discovery"}
+categories = {"discovery", "safe"}

 require "shortport"
 require "http"
--- a/scripts/http-malware-host.nse
+++ b/scripts/http-malware-host.nse
@@ -24,7 +24,7 @@ author = "Ron Bowes <ron@skullsecurity.net>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"malware"}
+categories = {"malware", "safe"}

 require 'stdnse'
 require 'http'
--- a/scripts/http-trace.nse
+++ b/scripts/http-trace.nse
@@ -19,7 +19,7 @@ author = "Kris Katterjohn <katterjohn@gmail.com>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"discovery"}
+categories = {"discovery", "safe"}

 require "comm"
 require "shortport"
--- a/scripts/http-userdir-enum.nse
+++ b/scripts/http-userdir-enum.nse
@@ -1,6 +1,6 @@
 author = "jah <jah@zadkiel.plus.com>"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"discovery"}
+categories = {"discovery", "intrusive"}
 description = [[
 Attempts to enumerate valid usernames on webservers running with the mod_userdir
 module or similar enabled.
--- a/scripts/imap-capabilities.nse
+++ b/scripts/imap-capabilities.nse
@@ -15,7 +15,7 @@ any site-specific policy.
 author = "Brandon Enright <bmenrigh@ucsd.edu>"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"default"}
+categories = {"default", "safe"}

 require 'imap'
 require 'shortport'
--- a/scripts/irc-info.nse
+++ b/scripts/irc-info.nse
@@ -18,7 +18,7 @@ author = "Doug Hoyte"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"default", "discovery"}
+categories = {"default", "discovery", "safe"}

 require("stdnse")
 require "shortport"
--- a/scripts/pop3-capabilities.nse
+++ b/scripts/pop3-capabilities.nse
@@ -15,7 +15,7 @@ server version may be available.
 author = "Philip Pickering <pgpickering@gmail.com>"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"default","discovery"}
+categories = {"default","discovery","safe"}

 require 'pop3'
 require 'shortport'
--- a/scripts/realvnc-auth-bypass.nse
+++ b/scripts/realvnc-auth-bypass.nse
@@ -5,7 +5,7 @@ Checks if a VNC server is vulnerable to the RealVNC authentication bypass
 author = "Brandon Enright <bmenrigh@ucsd.edu>" 
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"default", "vuln"}
+categories = {"default", "vuln", "safe"}

 require "shortport"

--- a/scripts/smtp-strangeport.nse
+++ b/scripts/smtp-strangeport.nse
@@ -14,7 +14,7 @@ author = "Diman Todorov <diman.todorov@gmail.com>"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"malware"}
+categories = {"malware", "safe"}

 portrule = function(host, port) 
 	return port.service == "smtp" and
--- a/scripts/sniffer-detect.nse
+++ b/scripts/sniffer-detect.nse
@@ -13,7 +13,7 @@ http://www.securityfriday.com/promiscuous_detection_01.pdf.
 author = "Marek Majkowski <majek04+nse@gmail.com>"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-categories = {"discovery"}
+categories = {"discovery", "intrusive"}

 -- okay, we're interested only in hosts that are on our ethernet lan
 hostrule = function(host, port)