I made every script follow a standard form: it starts with the id, followed by
the description. The description is contained in [[ ]] delimiters. The
description is in the global description variable, not in a LuaDoc comment.
Other LuaDoc information such as @args and @usage follows the description in a
comment.
The first paragraph of each description is a a short summary of what the script
does. More detailed information, if any, is given in following paragraphs.
I also improved some wording and formatting in a few cases.
involves traffic between the target and a third-party host. It's fairly
innocuous because there's no third-party traffic from the scanning computer, so
I left it in the default category.
available rather than lines if neither the "bytes" nor "lines" options are
given. Thanks to Brandon for reporting a problem which he noticed in the
dns-test-open-recursion script. [Kris]
* Merge the "backdoor" category into "malware"
* Add "auth" for authentication credential determination
* Rename "vulnerability" to "vuln"
* Place 12 scripts into their correct categories
as banner-grabbing (get_banner()) and making a quick exchange of data
(exchange()). 16 scripts were updated to use this library. [Kris]
I have *not* been able to test all of these scripts; however, I have
reviewed them and they should all work properly. I would really like
some more testing, though :)
This commit includes scripting.xml documentation.
of scripts chosen from when using -sC (but it's still just another category
and so can be chosen with --script like any other).
On top of updating the docs with information about this new category, I've
also updated sections to emphasize that the "default" category, -sC and -A
are considered intrusive and should not be run against target networks
without permission.
The new list is very similar to the previous "safe,intrusive" list:
Added: finger, ircServerInfo, RealVNC_auth_bypass
Removed: HTTPpasswd
Here are the 21 scripts in this new category:
anonFTP
dns-test-open-recursion
finger
ftpbounce
HTTPAuth
HTTP_open_proxy
ircServerInfo
MSSQLm
MySQLinfo
nbstat
RealVNC_auth_bypass
robots
rpcinfo
showHTMLTitle
showOwner
SMTPcommands
SNMPsysdesr
SSHv1-support
SSLv2-support
UPnP-info
zoneTrans
