Nmap Development mailing list archives
Re: [RFC] Default NSE Scripts
From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 12 May 2008 15:34:46 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fyodor wrote:
Does anyone have concrete reasons why it is important to enumerate the full list of supported SSL2 ciphers? If not, I suggest that we change the script to only print those in debugging mode or when verbosity level is at least 2. With that change, I think it is reasonable to keep the script default.
I've attached a patch to change this. I've also pasted in the newest list below (I've kept SSLv2-support on the Non-Default list for now in case there is a good reason to keep it as-is). Default: * anonFTP * dns-test-open-recursion - Is this useful often enough? * finger * ftpbounce * HTTPAuth * HTTP_open_proxy * MSSQLm * MySQLinfo * nbstat * RealVNC_auth_bypass * robots * rpcinfo * showHTMLtitle * showOwner * SMTPsysdesr * SSHv1-support * UPnP-info Not Default: * bruteTelnet - Too intrusive and slow * chargenTest - Obscure / "demo" * daytimeTest - Obscure / "demo" * echoTest - Obscure / "demo" * HTTPpasswd - A bit too intrusive and probably not useful enough * HTTPtrace - Not default material * iax2Detect - "version" * ircServerInfo - I don't think this is default material (but I'm also not an IRC user) * ircZombieTest - "malware" * kibuvDetection - "malware" * netbios-smb-os-detection - I want this to be default, but it's "version" * PPTPversion - "version" * promiscuous - I don't think it's useful enough * ripeQuery - Abusive to RIPE * showHTTPversion - Obscure / only category is "" * showSMTPVersion - Obscure / "demo" * showSSHVersion - Obscure / "demo" * skype_v2-version - "version" * SMTPcommands - Too much output currently * SMTP_openrelay_test - "demo" because of "real hostname" issue * SQLInject - Obvious reasons :) * SSLv2-support - Produces quite a bit of output -- I submitted a patch * strangeSMTPport - Obscure / "backdoor" * xamppDefaultPass - "vulnerability" * zoneTrans - Just doesn't seem like default material IMO
Cheers, -F
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSCip4v9K37xXYl36AQKYGg/9FqE6IO3u/Oxoqy86ZBmnfClCoY+nIex+ QSR6+l67eKZ/Fu2OecTRY62F2LLVPaVI3Di+taw4G5JC53meM+HE2BFUQrDUwfOC bpZrBYX5bbiuPokQqtUT5RCwwUkQdFp2KqNfM7PvIbysPZ+hUny9teZABc/peQrV 5/ifV9SIWm576TkuNeV9BAe+kMpJptgNyyuXjqL/XhvrS5ph77kYIwEGZQHf5+f2 v6llW2R6zuoNCV809nzqnzMQ9LY1hZfh/WOldcMrpxPtTHuTBrc3ua8DU9ZZOoxd JKlwFXjSaLthc6hiSmZl5lgFf69HgHEqGnoP2IKjx1uJfyJd0ADMcR2s1kDGVa0s fu8wweVl0W20GqV5AnYiA9mFNpJ2TH9YX9LfstlPjWW3VltrZqp4oi8SPsKVjaZV XKQeoKzoZ/35rXr5I4jp+PHvJtU+nn/q0isI2kARqNlmVBEtwXqjtomkURJt6fTg XZRBcDivkHEk7aeYICAMW8OGCoXK3wDB6luW+O6/euXjkOqRaOoJtwaSd184xElP TRVUlI+GRA0QliC4PxFR85XVePHZ3EBeP8y+ChFmkbS8swo1lPCuVsS/UCl6S9Rt VQJro1Df5/SMQscp2tDj2kMAGJIVZaFLP60JZhTks4A5ta1jXxl4SzjQKtoHghfi WZtp6l88XVI= =RqbK -----END PGP SIGNATURE-----
Index: scripts/SSLv2-support.nse =================================================================== --- scripts/SSLv2-support.nse (revision 7475) +++ scripts/SSLv2-support.nse (working copy) @@ -202,15 +202,13 @@ -- actually run some tests: if (ssl_version == string.char(0x00, 0x02)) then return_string = "server still supports SSLv2\n"; + else + return end - available_cyphers = cyphers(cypher_list, cyphers_len); - - if ( string.len(return_string) > 0 - or string.len(available_cyphers) > 0) then - return return_string .. available_cyphers; - else - return; + if (nmap.verbosity() > 1 or nmap.debugging() > 0) then + available_cyphers = cyphers(cypher_list, cyphers_len); end + return return_string .. available_cyphers; end
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [RFC] Default NSE Scripts, (continued)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
- Re: [RFC] Default NSE Scripts Fyodor (May 10)
- Re: [RFC] Default NSE Scripts jah (May 10)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
- Re: [RFC] Default NSE Scripts Daniel Roethlisberger (May 12)
- Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 12)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
- Re: [RFC] Default NSE Scripts Diman Todorov (May 11)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts jah (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts Brandon Enright (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)