Lucene search

K
nmapPatrik KarlssonNMAP:CREDS-SUMMARY.NSE
HistoryJun 27, 2011 - 9:21 p.m.

creds-summary NSE Script

2011-06-2721:21:15
Patrik Karlsson
nmap.org
66

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.8%

Lists all discovered credentials (e.g. from brute force and default password checking scripts) at end of scan.

Script Arguments

creds.[service], creds.global

See the documentation for the creds library.

Example Usage

nmap -sV -sC <target>

Script Output

| creds-summary:
|   10.10.10.10
|     22/ssh
|       lisbon:jane - Account is valid
|   10.10.10.20
|     21/ftp
|       jane:redjohn - Account is locked
|     22/ssh
|       cho:secret11 - Account is valid
|     23/telnet
|       rigsby:pelt - Account is valid
|       pelt:rigsby - Password needs to be changed at next logon
|     80/http
|       lisbon:jane - Account is valid
|       jane:redjohn - Account is locked
|_      cho:secret11 - Account is valid

Requires


local creds = require "creds"

description = [[
Lists all discovered credentials (e.g. from brute force and default password checking scripts) at end of scan.
]]

---
--@output
-- | creds-summary:
-- |   10.10.10.10
-- |     22/ssh
-- |       lisbon:jane - Account is valid
-- |   10.10.10.20
-- |     21/ftp
-- |       jane:redjohn - Account is locked
-- |     22/ssh
-- |       cho:secret11 - Account is valid
-- |     23/telnet
-- |       rigsby:pelt - Account is valid
-- |       pelt:rigsby - Password needs to be changed at next logon
-- |     80/http
-- |       lisbon:jane - Account is valid
-- |       jane:redjohn - Account is locked
-- |_      cho:secret11 - Account is valid


author = "Patrik Karlsson"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"auth", "default", "safe"}


postrule = function()
  local all = creds.Credentials:new(creds.ALL_DATA)
  local tab = all:getTable()
  if ( tab and next(tab) ) then return true end
end

action = function()
  local all = creds.Credentials:new(creds.ALL_DATA)
  return all:getTable()
end

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.8%

Related for NMAP:CREDS-SUMMARY.NSE