Nmap Development mailing list archives
Re: [NSE] Webservers Directory Traversal Vulnerability (under windows)
From: David Fifield <david () bamsoftware com>
Date: Tue, 22 Jun 2010 20:41:15 -0600
On Sun, Jun 20, 2010 at 08:52:12AM +0200, Gutek wrote:
just a small change (proposal) to keep a clean output. Now the output depends on verbosity. When -v < 1: PORT STATE SERVICE 80/tcp open http | http-passwd: Directory Traversal Found. |_Payload: "../../../../../../../../../../etc/passwd" When -v > 1: PORT STATE SERVICE 80/tcp open http | http-passwd: Directory Traversal Found. | Payload: "../../../../../../../../../../etc/passwd" | Printing first 250 bytes: | root:$1$$iems.VX5yVMByaB1lT8fx.:0:0::/:/bin/sh | sshd:*:65532:65534::/:/bin/false | ftp:*:65533:65534::/:/bin/false |_nobody:*:65534:65534::/:/bin/false BTW and for the record, after -iR tons of webservers so as to test the script I've noticed a probability to find a vulnerable one of about 1 per 50000 (0.002%). 2/3 are Windows boxes, revealed by the 'boot.ini' payloads, 1/3 are *nix ones. And among those last ones, many are Dreamboxes (see http://en.wikipedia.org/wiki/Dreambox )
I committed your changes in r18357. I left out the sensitivity to verbosity. I also put all the payloads in one table, and just called hexify on the ones that need it. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Ron (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) David Fifield (Jun 18)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (Jun 19)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (Jun 19)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) David Fifield (Jun 22)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Gutek (May 24)
- Re: [NSE] Webservers Directory Traversal Vulnerability (under windows) Ron (May 24)