The rpcinfo script can now set version info just like rpc-grind. Since
this requires considerably less traffic than rpc-grind, I made rpc-grind
depend on rpcinfo so that it will avoid running if we can get the
version information this way instead.
Also changed rpcinfo to only run on port 111, not on the "rpcbind" service,
since that's what -sV labels any detected RPC service.
nfs-showmount scripts to use the new library. The new scripts are:
- nfs-acls shows the owner and directory mode of NFS exports
- nfs-dirlist lists the contents of NFS exports
- nfs-statfs shows file system statistics for NFS exports
[Patrik]
I made every script follow a standard form: it starts with the id, followed by
the description. The description is contained in [[ ]] delimiters. The
description is in the global description variable, not in a LuaDoc comment.
Other LuaDoc information such as @args and @usage follows the description in a
comment.
The first paragraph of each description is a short summary of what the script
does. More detailed information, if any, is given in following paragraphs.
I also improved some wording and formatting in a few cases.
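An added example, not a script from the Nmap tree, showing a script laid out in the form described: id first, then the description as a global in [[ ]] delimiters, then @usage and @args in a LuaDoc comment. It sends one RPC NULL call to the portmapper on port 111, the kind of probe rpcinfo builds on; the script name, author string, argument name and transaction id are made up for the example.

```lua
-- Hypothetical file portmapper-null.nse; an added example, not an Nmap script.
id = "portmapper-null"
description = [[
Sends one ONC RPC NULL call (program 100000, version 2, procedure 0) to the
portmapper on TCP port 111 and reports whether a well-formed RPC reply comes
back. The NULL procedure carries no arguments, so it only confirms that an
RPC portmapper is answering on the port.
]]

---
-- @usage
-- nmap -p 111 --script portmapper-null <target>
-- @args portmapper-null.timeout Socket timeout in milliseconds (default 5000).

author = "Example author"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"safe", "discovery"}

require "shortport"
portrule = shortport.portnumber(111, "tcp")

-- Big-endian 32-bit pack/unpack with plain arithmetic (no bit library needed).
local function u32(n)
  local b4 = n % 256; n = (n - b4) / 256
  local b3 = n % 256; n = (n - b3) / 256
  local b2 = n % 256; n = (n - b2) / 256
  return string.char(n % 256, b2, b3, b4)
end
local function rd32(s, i)
  local a, b, c, d = s:byte(i, i + 3)
  return ((a * 256 + b) * 256 + c) * 256 + d
end

action = function(host, port)
  local xid = 0x4e4d4150                            -- constructed transaction id
  local call = u32(xid) .. u32(0) .. u32(2)         -- xid, CALL, RPC version 2
    .. u32(100000) .. u32(2) .. u32(0)              -- portmapper v2, proc 0 (NULL)
    .. u32(0) .. u32(0) .. u32(0) .. u32(0)         -- AUTH_NULL credential and verifier
  local record = u32(0x80000000 + #call) .. call    -- TCP record mark: last fragment + length
  local timeout = tonumber(nmap.registry.args["portmapper-null.timeout"]) or 5000
  local socket = nmap.new_socket()
  socket:set_timeout(timeout)
  if not socket:connect(host.ip, port.number, "tcp") then return end
  if not socket:send(record) then socket:close() return end
  local status, data = socket:receive_bytes(28)     -- mark, xid, type, stat, verf, accept_stat
  socket:close()
  if not status or #data < 28 then return end
  -- Reply must echo our xid, be msg_type REPLY (1), reply_stat MSG_ACCEPTED (0)
  -- and accept_stat SUCCESS (0); the null verifier occupies bytes 17..24.
  if rd32(data, 5) == xid and rd32(data, 9) == 1 and rd32(data, 13) == 0 and rd32(data, 25) == 0 then
    return "RPC portmapper replied to NULL call (xid matched, MSG_ACCEPTED)"
  end
  return "port answered, but the reply is not an accepted RPC NULL reply"
end
```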
don't stop the whole script if we don't receive further packets even though
they are expected, but process what we got so far instead
remove rpc_ prefix from variable names
as banner-grabbing (get_banner()) and making a quick exchange of data
(exchange()). 16 scripts were updated to use this library. [Kris]
I have *not* been able to test all of these scripts; however, I have
reviewed them and they should all work properly. I would really like
some more testing, though :)
This commit includes scripting.xml documentation.
of scripts chosen from when using -sC (but it's still just another category
and so can be chosen with --script like any other).
On top of updating the docs with information about this new category, I've
also updated sections to emphasize that the "default" category, -sC and -A
are considered intrusive and should not be run against target networks
without permission.
The new list is very similar to the previous "safe,intrusive" list:
Added: finger, ircServerInfo, RealVNC_auth_bypass
Removed: HTTPpasswd
Here are the 21 scripts in this new category:
anonFTP
dns-test-open-recursion
finger
ftpbounce
HTTPAuth
HTTP_open_proxy
ircServerInfo
MSSQLm
MySQLinfo
nbstat
RealVNC_auth_bypass
robots
rpcinfo
showHTMLTitle
showOwner
SMTPcommands
SNMPsysdesr
SSHv1-support
SSLv2-support
UPnP-info
zoneTrans
and reports the listening services and port information (like
rpcinfo -p does). The script was written by Sven Klemm. Fyodor
then enhanced the RPC number list with all of the entries from
nmap-rpc.