133 matches found
netbus-version NSE Script
Extends version detection to detect NetBuster, a honeypot service that mimes NetBus. Example Usage nmap -sV -p 12345 --script netbus-version Script Output 12345/tcp open netbus Netbuster honeypot Requires nmap shortport stdnse local nmap = require "nmap" local shortport = require "shortport" loca...
Nmap NSE: Auth Spoof
This script attempts to checks for an identd auth server which is spoofing its replies. This is a wrapper on the Nmap Security Scanner's http://nmap.org auth-spoof.nse. OpenVAS Vulnerability Test $Id: gbnmapauthspoof.nasl 7000 2017-08-24 11:51:46Z teissa $ Wrapper for Nmap Auth Spoof NSE script...
firewalk NSE Script
Tries to discover firewall rules using an IP TTL expiration technique known as firewalking. To determine a rule on a given gateway, the scanner sends a probe to a metric located behind the gateway, with a TTL one higher than the gateway. If the probe is forwarded by the gateway, then we can expec...
hddtemp-info NSE Script
Reads hard disk information such as brand, model, and sometimes temperature from a listening hddtemp service. Example Usage nmap -p 7634 -sV -sC Script Output 7634/tcp open hddtemp | hddtemp-info: | /dev/sda: WDC WD2500JS-60MHB1: 38 C Requires comm math shortport string stringaux table local comm...
Nmap NSE: SSH Hostkey
This script attempts to get the target SSH server's key fingerprint and public key. This is a wrapper on the Nmap Security Scanner's http://nmap.org ssh-hostkey.nse OpenVAS Vulnerability Test $Id: gbnmapsshhostkey.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap SSH Hostkey NSE script...
Nmap NSE: SMTP Open Relay
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE: SMB Enum Users
This script attempts to enumerate the users on a remote Windows system, with as much information as possible. This is a wrapper on the Nmap Security Scanner's http://nmap.org smb-enum-users.nse. OpenVAS Vulnerability Test $Id: gbnmapsmbenumusers.nasl 7000 2017-08-24 11:51:46Z teissa $ Wrapper for...
Nmap NSE: SMBV2 Enabled
This script attempts to check whether a server is running the SMBv2 protocol or not. This is a wrapper on the Nmap Security Scanner's http://nmap.org smbv2-enabled.nse. OpenVAS Vulnerability Test $Id: gbnmapsmbv2enabled.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap SMBV2 Enabled NSE...
Nmap NSE: SMB Security Mode
This script attempts to get information about the SMB security level determined by SMB. This is a wrapper on the Nmap Security Scanner's http://nmap.org smb-security-mode.nse. OpenVAS Vulnerability Test $Id: gbnmapsmbsecuritymode.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap SMB Securi...
Nmap NSE: FTP Bounce
This script attempts to check if the FTP server allows port scanning using the FTP bounce method. This is a wrapper on the Nmap Security Scanner's http://nmap.org ftp-bounce.nse OpenVAS Vulnerability Test $Id: gbnmapftpbounce.nasl 7000 2017-08-24 11:51:46Z teissa $ Wrapper for Nmap FTP Bounce NSE...
giop-info NSE Script
Queries a CORBA naming server for a list of objects. Example Usage nmap -sV -sC Script Output PORT STATE SERVICE REASON 1050/tcp open java-or-OTGfileshare syn-ack | giop-info: | Object: Hello | Context: Test | Object: GoodBye Requires giop shortport stdnse local giop = require "giop" local...
informix-query NSE Script
Runs a query against IBM Informix Dynamic Server using the given authentication credentials see also: informix-brute. Script Arguments informix-query.query The query to run against the server default: returns hostname and version informix-query.username The username used for authentication...
wdb-version NSE Script
Detects vulnerabilities and gathers information such as version numbers and hardware support from VxWorks Wind DeBug agents. Wind DeBug is a SunRPC-type service that is enabled by default on many devices that use the popular VxWorks real-time embedded operating system. H.D. Moore of Metasploit ha...
Nmap NSE: SMB OS Discovery
This script attempts to determine the operating system, computer name, domain, and current time over the SMB protocol. This is a wrapper on the Nmap Security Scanner's http://nmap.org smb-os-discovery.nse OpenVAS Vulnerability Test $Id: gbnmapsmbosdiscovery.nasl 7006 2017-08-25 11:51:20Z teissa $...
ms-sql-query NSE Script
Runs a query against Microsoft SQL Server ms-sql. SQL Server credentials required: Yes use ms-sql-brute, ms-sql-empty-password and/or mssql.username & mssql.password Run criteria: Host script: Will run if the mssql.instance-all, mssql.instance-name or mssql.instance-port script arguments are used...
afp-path-vuln NSE Script
Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533. This script attempts to iterate over all AFP shares on the remote host. For each share it attempts to access the parent directory by exploiting the directory traversal vulnerability as described in CVE-2010-0533. The scrip...
afp-brute NSE Script
Performs password guessing against Apple Filing Protocol AFP. Script Arguments afp.password, afp.username See the documentation for the afp library. passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. Example Usage nmap -p 548 --scrip...
qscan NSE Script
Repeatedly probe open and/or closed ports on a host to obtain a series of round-trip time values for each port. These values are used to group collections of ports which are statistically different from other groups. Ports being in different groups or "families" may be due to network mechanisms...
ldap-search NSE Script
Attempts to perform an LDAP search and returns all matches. If no username and password is supplied to the script the Nmap registry is consulted. If the ldap-brute script has been selected and it found a valid account, this account will be used. If not anonymous bind will be used as a last attemp...
ipidseq NSE Script
Classifies a host's IP ID sequence test for susceptibility to idle scan. Sends six probes to obtain IP IDs from the target and classifies them similarly to Nmap's method. This is useful for finding suitable zombies for Nmap's idle scan -sI as Nmap itself doesn't provide a way to scan for these...