Nmap Development mailing list archives

Re: Always practice safe software: a lesson from UnrealIRCd


From: Ron <ron () skullsecurity net>
Date: Mon, 14 Jun 2010 15:51:03 -0500

On Mon, 14 Jun 2010 22:34:57 +0200 Vlatko Kosturjak <kost () linux hr>
wrote:
> Just checked this approach. The script prints a warning message which
> says just to run the same scan with -sS. This would not solve:
> - if unrealircd is listening on multiple ports (SSL-based or not)
> - if -sV is used (this should be recommended to turn off too for this
>   approach)
> - if other scripts are used during scanning (i.e. script=all) which
>   are irc based (like irc-info.nse), they will also connect/reconnect
>
> There are just too many recommendations to put in order for the check
> to be reliable, that's why I introduced the irc-unrealircd-backdoor.wait
> argument, to which you can pass a sleep time. So, the recommendation is
> pretty simple: try to set irc-unrealircd-backdoor.wait to 100 (or
> higher) if a block is detected.
>
> New version of the script is in the attachment. Hopefully - final! :)
>
> Kost

You make good points about how they can fail. 

The 'wait' sounds good, but it's still really ugly. If anybody else has better ideas, I'd like to hear them. If not, let's go with what you did.

Has this type of issue come up before?



-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
