Nmap Development mailing list archives
Re: Help w\Conficker command
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 31 Mar 2009 22:10:30 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 31 Mar 2009 12:58:36 -0400 "Tepper Claudia A" <Claudia.Tepper () ci irs gov> wrote:
Brandon ~ First let me thank you for this new version and it's capabilities!!
Actually the work was done by Ron and a couple other researchers.
Here is the command I'm running for Conficker: nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args=unsafe=1 singleipaddress I did have to rename the c:\program files\nmap\script directory to scripts Here is the error: Host script results: | smb-check-vulns: | MS08-067: FIXED |_ Conficker: ERROR: NT_STATUS_NOT_SUPPORTED This is being run on WindowsXP, Service Pack 2. Please help - we have a whole network to scan. Thank you! Claudia
I'm not sure what that NT error is or means but I think others on the list will be able to chime in with why Windows would be reporting that issue. I should point out that the Conficker check is nearly the same as what actual exploitation requires. It is unlikely that a machine running an NT error like the one above would be exploitable (and of course, in this case the machine is patched). Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (GNU/Linux) iEYEARECAAYFAknSlN0ACgkQqaGPzAsl94I8QQCcCGub9zE+smoHf046Ta6lKQOz ktMAnAjwO49xzccDC/gPUHFF2j32tXTR =uTUD -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Help w\Conficker command Tepper Claudia A (Mar 31)
- Re: Help w\Conficker command Brandon Enright (Mar 31)