Difference between revisions of "Nmap scripts"

From SkullSpace Wiki
Jump to navigation Jump to search
m
 
(15 intermediate revisions by 4 users not shown)
Line 1: Line 1:
* cvs (in progress)
+
{{Archived}}
** bruteforce pserver
+
 
** list modules
+
* Bruteforce framework improvements
** download source/modules
+
** Handle arbitrary number of inputs (e.g., username, password, repository)
* IMAP
+
** Handle arbitrary number of dictionaries per input
** Bruteforce
+
** Handle arbitrary number of command-line literal strings for inputs
* NRPE (submitted)
+
** Store tables with successful inputs in registry
** Bruteforce
+
** Scripts to write:
** Trigger commands
+
*** CVS pserver (started)
* Dropbox broadcast (submitted)
+
*** SVN (port to framework)
 +
*** Git (port to framework)
 +
*** Monotone
 +
*** Mercurial
 +
*** Bazaar
 +
*** DNSrecon [https://github.com/darkoperator/dnsrecon/blob/master/dnsrecon.py]
 +
*** Synergy (bruteforce, maybe)
 +
*** NRPE ([http://seclists.org/nmap-dev/2010/q4/702 submitted], but not bruteforce)
 +
*** IMAP
 +
*** SNMP (port to framework)
 +
*** POP (port to framework)
 +
*** Metasploit XML-RPC interface [http://www.metasploit.com/redmine/projects/framework/wiki/XMLRPC]
 +
*** Nessus daemon
 +
*** TFTP paths
 +
* Dropbox LanSync broadcast ([http://seclists.org/nmap-dev/2010/q4/689 submitted])
 
* Exim
 
* Exim
 
** Exploit
 
** Exploit
Line 23: Line 37:
 
* Bonjour
 
* Bonjour
 
* Nbstat.nse -> change to using a broadcast prerule
 
* Nbstat.nse -> change to using a broadcast prerule
* IPv6 stuff
+
* IPsec [http://en.wikipedia.org/wiki/Internet_Key_Exchange IKE] enumeration
 +
* IPv6 stuff [https://www.metasploit.com/redmine/projects/framework/repository/revisions/11417]
 
** Neighbour Discovery
 
** Neighbour Discovery
 
** Router Solicitation
 
** Router Solicitation
Line 34: Line 49:
 
* Windows MSRPC clone of rpcinfo.nse
 
* Windows MSRPC clone of rpcinfo.nse
 
* DCOM
 
* DCOM
* WMIC
+
* WMI - hard++
 +
* sip
 +
** brute
 +
** enum
 +
 
 +
[[Category:Projects]]

Latest revision as of 14:41, 4 October 2017

Info.png This page has been archived. All information in this article is historical.
  • Bruteforce framework improvements
    • Handle arbitrary number of inputs (e.g., username, password, repository)
    • Handle arbitrary number of dictionaries per input
    • Handle arbitrary number of command-line literal strings for inputs
    • Store tables with successful inputs in registry
    • Scripts to write:
      • CVS pserver (started)
      • SVN (port to framework)
      • Git (port to framework)
      • Monotone
      • Mercurial
      • Bazaar
      • DNSrecon [1]
      • Synergy (bruteforce, maybe)
      • NRPE (submitted, but not bruteforce)
      • IMAP
      • SNMP (port to framework)
      • POP (port to framework)
      • Metasploit XML-RPC interface [2]
      • Nessus daemon
      • TFTP paths
  • Dropbox LanSync broadcast (submitted)
  • Exim
    • Exploit
  • http spider
    • Needs finishing
  • Signatures for http-enum web apps
  • SNMP BSSID
  • Update brute scripts to use brute.lua
  • SOAP library
  • Debian OpenSSL blacklist [3]
  • PostgreSQL info
  • My IP neighbours
  • Geolocation
  • Bonjour
  • Nbstat.nse -> change to using a broadcast prerule
  • IPsec IKE enumeration
  • IPv6 stuff [4]
    • Neighbour Discovery
    • Router Solicitation
  • 802.1X / EAP
  • SSL renegotiation [5]
  • Microsoft hidden SSL certs [6]
  • Linux local commands over ssh
  • Windows installed software (registry/uninstall)
    • Prefetch
  • Windows MSRPC clone of rpcinfo.nse
  • DCOM
  • WMI - hard++
  • sip
    • brute
    • enum