Difference between revisions of "Nmap scripts"
Jump to navigation
Jump to search
This page has been archived. All information in this article is historical.
m |
|||
| (21 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
| − | * | + | {{Archived}} |
| − | ** | + | |
| − | ** | + | * Bruteforce framework improvements |
| − | ** | + | ** Handle arbitrary number of inputs (e.g., username, password, repository) |
| − | * IMAP | + | ** Handle arbitrary number of dictionaries per input |
| − | ** | + | ** Handle arbitrary number of command-line literal strings for inputs |
| − | * | + | ** Store tables with successful inputs in registry |
| − | ** | + | ** Scripts to write: |
| − | ** | + | *** CVS pserver (started) |
| + | *** SVN (port to framework) | ||
| + | *** Git (port to framework) | ||
| + | *** Monotone | ||
| + | *** Mercurial | ||
| + | *** Bazaar | ||
| + | *** DNSrecon [https://github.com/darkoperator/dnsrecon/blob/master/dnsrecon.py] | ||
| + | *** Synergy (bruteforce, maybe) | ||
| + | *** NRPE ([http://seclists.org/nmap-dev/2010/q4/702 submitted], but not bruteforce) | ||
| + | *** IMAP | ||
| + | *** SNMP (port to framework) | ||
| + | *** POP (port to framework) | ||
| + | *** Metasploit XML-RPC interface [http://www.metasploit.com/redmine/projects/framework/wiki/XMLRPC] | ||
| + | *** Nessus daemon | ||
| + | *** TFTP paths | ||
| + | * Dropbox LanSync broadcast ([http://seclists.org/nmap-dev/2010/q4/689 submitted]) | ||
* Exim | * Exim | ||
** Exploit | ** Exploit | ||
| Line 16: | Line 31: | ||
* Update brute scripts to use brute.lua | * Update brute scripts to use brute.lua | ||
* SOAP library | * SOAP library | ||
| − | * Debian OpenSSL blacklist | + | * Debian OpenSSL blacklist [http://wiki.debian.org/SSLkeys] |
| − | * | + | * PostgreSQL info |
| − | * My | + | * My IP neighbours |
* Geolocation | * Geolocation | ||
* Bonjour | * Bonjour | ||
* Nbstat.nse -> change to using a broadcast prerule | * Nbstat.nse -> change to using a broadcast prerule | ||
| − | * IPv6 stuff | + | * IPsec [http://en.wikipedia.org/wiki/Internet_Key_Exchange IKE] enumeration |
| − | * | + | * IPv6 stuff [https://www.metasploit.com/redmine/projects/framework/repository/revisions/11417] |
| − | * 802. | + | ** Neighbour Discovery |
| − | * SSL renegotiation | + | ** Router Solicitation |
| − | * Microsoft hidden | + | * 802.1X / EAP |
| + | * SSL renegotiation [http://extendedsubset.com/?p=8] | ||
| + | * Microsoft hidden SSL certs [http://securitytube.net/Observatory-for-SSLiverse-Defcon-18-video.aspx] | ||
* Linux local commands over ssh | * Linux local commands over ssh | ||
* Windows installed software (registry/uninstall) | * Windows installed software (registry/uninstall) | ||
| + | ** Prefetch | ||
| + | * Windows MSRPC clone of rpcinfo.nse | ||
| + | * DCOM | ||
| + | * WMI - hard++ | ||
| + | * sip | ||
| + | ** brute | ||
| + | ** enum | ||
| + | |||
| + | [[Category:Projects]] | ||
Latest revision as of 14:41, 4 October 2017
This page has been archived. All information in this article is historical.- Bruteforce framework improvements
- Handle arbitrary number of inputs (e.g., username, password, repository)
- Handle arbitrary number of dictionaries per input
- Handle arbitrary number of command-line literal strings for inputs
- Store tables with successful inputs in registry
- Scripts to write:
- Dropbox LanSync broadcast (submitted)
- Exim
- Exploit
- http spider
- Needs finishing
- Signatures for http-enum web apps
- SNMP BSSID
- Update brute scripts to use brute.lua
- SOAP library
- Debian OpenSSL blacklist [3]
- PostgreSQL info
- My IP neighbours
- Geolocation
- Bonjour
- Nbstat.nse -> change to using a broadcast prerule
- IPsec IKE enumeration
- IPv6 stuff [4]
- Neighbour Discovery
- Router Solicitation
- 802.1X / EAP
- SSL renegotiation [5]
- Microsoft hidden SSL certs [6]
- Linux local commands over ssh
- Windows installed software (registry/uninstall)
- Prefetch
- Windows MSRPC clone of rpcinfo.nse
- DCOM
- WMI - hard++
- sip
- brute
- enum
