Nmap Development mailing list archives
nmap_lua attack scripting alpha release
From: Diman Todorov <diman () xover mud at>
Date: Fri, 16 Jun 2006 01:27:57 +0200
Hello list, I just finished a first release of the nmap + lua attack scripting system. The idea is similar to nessus' NASL: scan for open ports and then perform penetration tests on the open ports. The tests are written in lua. The current version is not final, it is bound to change. Nevertheless the basic infrastructure is working. The tarball contains 4 sample scripts to give you an idea of what can be done with nmap-lua. A script to extract the title from an HTML site, a script to get an smtp version string, a script to print the sshd version without being logged (echo trick) and a script to show the owner of a service by querying identd. The tarball can be downloaded at http://xover.mud.at/~diman/ nmap-4.10LUA.tar.bz2 in nmap-4.10LUA/ you will find README-LUA which contains installation instructions and general documentation regarding execution and development of nmap-lua scripts. If you have some spare time, you might want to play around with the scripts. Let me know if you find any bugs, if you have ideas, if you write any scripts or if you simply hate my design :) cheers Diman _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- nmap_lua attack scripting alpha release Diman Todorov (Jun 15)