Difference between revisions of "Nmap scripts"

From SkullSpace Wiki
Jump to navigation Jump to search
Line 17: Line 17:
 
*** SNMP (port to framework)
 
*** SNMP (port to framework)
 
*** POP (port to framework)
 
*** POP (port to framework)
*** Metasploit XML-RPC interface
+
*** Metasploit XML-RPC interface [http://www.metasploit.com/redmine/projects/framework/wiki/XMLRPC]
 
*** Nessus daemon
 
*** Nessus daemon
 
*** TFTP paths
 
*** TFTP paths

Revision as of 05:20, 27 December 2010

  • Bruteforce framework improvements
    • Handle arbitrary number of inputs (e.g., username, password, repository)
    • Handle arbitrary number of dictionaries per input
    • Handle arbitrary number of command-line literal strings for inputs
    • Store tables with successful inputs in registry
    • Scripts to write:
      • CVS pserver (started)
      • SVN (port to framework)
      • Git (port to framework)
      • Monotone
      • Mercurial
      • Bazaar
      • DNSrecon [1]
      • Synergy (bruteforce, maybe)
      • NRPE (submitted, but not bruteforce)
      • IMAP
      • SNMP (port to framework)
      • POP (port to framework)
      • Metasploit XML-RPC interface [2]
      • Nessus daemon
      • TFTP paths
  • Dropbox LanSync broadcast (submitted)
  • Exim
    • Exploit
  • http spider
    • Needs finishing
  • Signatures for http-enum web apps
  • SNMP BSSID
  • Update brute scripts to use brute.lua
  • SOAP library
  • Debian OpenSSL blacklist [3]
  • PostgreSQL info
  • My IP neighbours
  • Geolocation
  • Bonjour
  • Nbstat.nse -> change to using a broadcast prerule
  • IPv6 stuff
    • Neighbour Discovery
    • Router Solicitation
  • 802.1X / EAP
  • SSL renegotiation [4]
  • Microsoft hidden SSL certs [5]
  • Linux local commands over ssh
  • Windows installed software (registry/uninstall)
    • Prefetch
  • Windows MSRPC clone of rpcinfo.nse
  • DCOM
  • WMI - hard++