Photon OS 4.0: Nmap PHSA-2023-4.0-0517

An update of the nmap package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0517. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ubiquiti-discovery NSE Script

Extracts information from Ubiquiti networking devices. This script leverages Ubiquiti's Discovery Service which is enabled by default on many products. It will attempt to leverage version 1 of the protocol first and, if that fails, attempt version 2. Example Usage nmap -sU -p 10001 --script...

broadcast-jenkins-discover NSE Script

Discovers Jenkins servers on a LAN by sending a discovery broadcast probe. For more information about Jenkins auto discovery, see: Script Arguments broadcast-jenkins.address address to which the probe packet is sent. default: 255.255.255.255 broadcast-jenkins.timeout socket timeout default: 5s...

Unknown OS and Service Banner Reporting

This VT consolidates and reports the information collected by the following VTs: - Collect banner of unknown services OID: 1.3.6.1.4.1.25623.1.0.11154 - Service Detection unknown with nmap OID: 1.3.6.1.4.1.25623.1.0.66286 - Service Detection wrapped with nmap OID: 1.3.6.1.4.1.25623.1.0.108525 - O...

vmware-version NSE Script

Queries VMware server vCenter, ESX, ESXi SOAP API to extract the version information. The same script as VMware Fingerprinter from VASTO created by Claudio Criscione, Paolo Canaletti Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size,...

Nmap Scanner Detection

Binary data 9057.prm...

Nmap Scanner Detection

Binary data 9056.prm...

smb-vuln-cve2009-3103 NSE Script

Detects Microsoft Windows systems vulnerable to denial of service CVE-2009-3103. This script will crash the service if it is vulnerable. The script performs a denial-of-service against the vulnerability disclosed in CVE-2009-3103. This works against Windows Vista and some versions of Windows 7, a...

tor-consensus-checker NSE Script

Checks if a target is a known Tor node. The script works by querying the Tor directory authorities. Initially, the script stores all IPs of Tor nodes in a lookup table to reduce the number of requests and make lookups quicker. Script Arguments slaxml.debug See the documentation for the slaxml...

mikrotik-routeros-brute NSE Script

Performs brute force password auditing against Mikrotik RouterOS devices with the API RouterOS interface enabled. Additional information: Script Arguments mikrotik-routeros-brute.threads sets the number of threads. Default: 1 brute.credfile, brute.delay, brute.emptypass, brute.firstonly,...

http-vuln-wnr1000-creds NSE Script

A vulnerability has been discovered in WNR 1000 series that allows an attacker to retrieve administrator credentials with the router interface. Tested On Firmware Versions: V1.0.2.6060.0.86 Latest and V1.0.2.5460.0.82NA Vulnerability discovered by c1ph04. Script Arguments...

freelancer-info NSE Script

Detects the Freelancer game server FLServer.exe service by sending a status query UDP probe. When run as a version detection script -sV, the script will report on the server name, current number of players, maximum number of players, and whether it has a password set. When run explicitly --script...

http-server-header NSE Script

Uses the HTTP Server header for missing version info. This is currently infeasible with version probes because of the need to match non-HTTP services correctly. Example Usage nmap -sV Script Output PORT STATE SERVICE VERSION 80/tcp open http Unidentified Server 1.0 PORT STATE SERVICE VERSION 80/t...

whois-domain NSE Script

Attempts to retrieve information about the domain name of the target See also: whois-ip.nse Example Usage nmap --script whois-domain.nse This script starts by querying the whois.iana.org which is the root of the whois servers. Using some patterns the script can determine if the response represent...

teamspeak2-version NSE Script

Detects the TeamSpeak 2 voice communication server and attempts to determine version and configuration information. A single UDP packet a login request is sent. If the server does not have a password set, the exact version, name, and OS type will also be reported on. Example Usage nmap -sU -sV -p...

cassandra-brute NSE Script

Performs brute force password auditing against the Cassandra database. For more information about Cassandra, see: Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See the documentation f...

rpc-grind NSE Script

Fingerprints the target RPC port to extract the target service, RPC number and version. The script works by sending RPC Null call requests with a random high version unsupported number to the target service with iterated over RPC program numbers from the nmap-rpc file and check for replies from t...

broadcast-pim-discovery NSE Script

Discovers routers that are running PIM Protocol Independent Multicast. This works by sending a PIM Hello message to the PIM multicast address 224.0.0.13 and listening for Hello messages from other routers. Script Arguments broadcast-pim-discovery.timeout Time to wait for responses in seconds...

broadcast-bjnp-discover NSE Script

Attempts to discover Canon devices Printers/Scanners supporting the BJNP protocol by sending BJNP Discover requests to the network broadcast address for both ports associated with the protocol. The script then attempts to retrieve the model, version and some additional information for all...

http-traceroute NSE Script

Exploits the Max-Forwards HTTP header to detect the presence of reverse proxies. The script works by sending HTTP requests with values of the Max-Forwards HTTP header varying from 0 to 2 and checking for any anomalies in certain response values such as the status code, Server, Content-Type and...