Nmap Development mailing list archives
Re: Please help test WDB/VxWorks NSE script
From: Patrik Karlsson <patrik () cqure net>
Date: Thu, 12 Aug 2010 18:57:01 +0200
Hi, A not very thorough check suggests that the problem occurs here: local comm = rpc.Comm:new("wdb", 1) When a new instance of the Comm class is created a lookup of the program name is performed against nmap-rpc using Util.ProgNameToNumber wdb isn't in that file and would have to be added in order for it to work properly. Regards, //Patrik On 12 aug 2010, at 18.41, Ron wrote:
Just started running it against our environment, though I don't think we have any wdb. I got this error a lot: NSE: wdb-version against x.x.x.x:17185 threw an error! ./nselib/rpc.lua:264: bad argument #5 to 'pack' (number expected, got nil) stack traceback: [C]: in function 'pack' ./nselib/rpc.lua:264: in function 'CreateHeader' ./nselib/rpc.lua:394: in function 'EncodePacket' ./scripts/wdb-version.nse:44: in function 'request' ./scripts/wdb-version.nse:102: in function <./scripts/wdb-version.nse:93> (tail call): ? Thoughts? On Thu, 12 Aug 2010 11:07:40 -0500 Daniel Miller <bonsaiviking () gmail com> wrote:Howdy, list! I have written an NSE script for version detection of the Wind River Debugger (WDB), commonly found on embedded VxWorks devices, and recently brought to light by H. D. Moore [1] at Black Hat. I based it off of the Metasploit wdbrpc_version scanner module, as well as my own research. The script is attached. Big problem: I do not have access to a device running VxWorks with WDB enabled. So I really can't tell if the script will work, or if I still have bugs. Please help me test this! Anyone with access to such a device (or who can point me to an Internet-accessible device with the service running) should just run it like: nmap -sU -p 17185 --script=wdb-version.nse $TARGET In the meantime, I will be working on setting the service version from the script (right now, it just dumps the information it grabs from the service). Thanks, Dan [1] http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html-- Ron Bowes http://www.skullsecurity.org http://www.twitter.com/iagox86 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
-- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Please help test WDB/VxWorks NSE script Daniel Miller (Aug 12)
- Re: Please help test WDB/VxWorks NSE script Ron (Aug 12)
- Re: Please help test WDB/VxWorks NSE script Patrik Karlsson (Aug 12)
- Re: Please help test WDB/VxWorks NSE script Daniel Miller (Aug 12)
- Re: Please help test WDB/VxWorks NSE script Daniel Miller (Aug 12)
- Re: Please help test WDB/VxWorks NSE script Daniel Miller (Aug 12)
- Re: Please help test WDB/VxWorks NSE script David Fifield (Aug 16)
- Re: Please help test WDB/VxWorks NSE script Djalal Harouni (Aug 16)
- Re: Please help test WDB/VxWorks NSE script Daniel Miller (Aug 16)
- Re: Please help test WDB/VxWorks NSE script David Fifield (Aug 16)
- Re: Please help test WDB/VxWorks NSE script Ron (Aug 12)
- Re: Please help test WDB/VxWorks NSE script Fyodor (Aug 15)