133 matches found
mysql-variables NSE Script
Attempts to show all variables on a MySQL server. Script Arguments mysqluser The username to use for authentication. If unset it attempts to use credentials found by mysql-brute or mysql-empty-password. mysqlpass The password to use for authentication. If unset it attempts to use credentials foun...
mysql-users NSE Script
Attempts to list all users on a MySQL server. Script Arguments mysqluser The username to use for authentication. If unset it attempts to use credentials found by mysql-brute or mysql-empty-password. mysqlpass The password to use for authentication. If unset it attempts to use credentials found by...
afp-showmount NSE Script
Shows AFP shares and ACLs. Script Arguments afp.password, afp.username See the documentation for the afp library. Example Usage nmap -sV --script=afp-showmount Script Output PORT STATE SERVICE 548/tcp open afp | afp-showmount: | Yoda's Public Folder | Owner: Search,Read,Write | Group: Search,Read...
citrix-enum-apps NSE Script
Extracts a list of published applications from the ICA Browser service. Example Usage sudo ./nmap -sU --script=citrix-enum-apps -p 1604 Script Output PORT STATE SERVICE 1604/udp open unknown 1604/udp open unknown | citrix-enum-apps: | Notepad | iexplorer | registry editor Requires nmap shortport...
http-iis-webdav-vuln NSE Script
Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access secured WebDAV folders by searching for a password-protected folder and attempting to access it. This vulnerability was patched in Microsoft Security Bulletin MS09-020, . A list of well known folders almost 900 is use...
auth-owners NSE Script
Attempts to find the owner of an open TCP port by querying an auth daemon which must also be open on the target system. The auth service, also known as identd, normally runs on port 113. Example Usage nmap -sV -sC Script Output 21/tcp open ftp ProFTPD 1.3.1 | auth-owners: nobody 22/tcp open ssh...
auth-spoof NSE Script
Checks for an identd auth server which is spoofing its replies. Tests whether an identd auth server responds with an answer before we even send the query. This sort of identd spoofing can be a sign of malware infection, though it can also be used for legitimate privacy reasons. Example Usage nmap...
dns-random-txid NSE Script
Checks a DNS server for the predictable-TXID DNS recursion vulnerability. Predictable TXID values can make a DNS server vulnerable to cache poisoning attacks see CVE-2008-1447. The script works by querying txidtest.dns-oarc.net see . Be aware that any targets against which this script is run will...
ftp-anon NSE Script
Checks if an FTP server allows anonymous logins. If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files. See also: ftp-brute.nse Script Arguments ftp-anon.maxlist The maximum number of files to return in the directory listing. By default it is 20, o...
skypev2-version NSE Script
Detects the Skype version 2 service. Example Usage nmap -sV Script Output PORT STATE SERVICE VERSION 80/tcp open skype2 Skype Requires comm nmap shortport string local comm = require "comm" local nmap = require "nmap" local shortport = require "shortport" local string = require "string" local U =...
daytime NSE Script
Retrieves the day and time from the Daytime service. Example Usage nmap -sV --script=daytime Script Output PORT STATE SERVICE 13/tcp open daytime |daytime: Wed Mar 31 14:48:58 MDT 2010 Requires comm shortport oops local comm = require "comm" local shortport = require "shortport" local oops =...
sniffer-detect NSE Script
Checks if a target on a local Ethernet has its network card in promiscuous mode. The techniques used are described at . Example Usage nmap -sV --script=sniffer-detect Script Output Host script results: | sniffer-detect: Likely in promiscuous mode tests: "11111111" Requires nmap stdnse string tabl...
iax2-version NSE Script
Detects the UDP IAX2 service. The script sends an Inter-Asterisk eXchange IAX Revision 2 Control Frame POKE request and checks for a proper response. This protocol is used to enable VoIP connections between servers as well as client-server communication. Example Usage nmap -sU -sV -p 4569 Script...