Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Some scripts for analyzing NetBus

From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sun, 16 Jan 2011 21:38:29 +0200
Should we also have it in the default category? I think this is the
type of thing you might not be actually looking for, but finding about
it by accident would be nice.

On Sat, Jan 15, 2011 at 11:33 PM, Fyodor <fyodor () insecure org> wrote:

On Sat, Jan 15, 2011 at 05:37:53PM +0200, Toni Ruottu wrote:

To this mail, I have attached a patch that should fix all the netbus
script problems that have been pointed out.


Thanks, I've applied that.  I also put netbus-auth-bypass in the safe
category as you suggested in an earlier mail today.  That matches
realvnc-auth-bypass.nse, which is also in the safe category.  There is
the whole "likely to invalidate existing connections to the Netbus
server" aspect, but it sounds like a normal nmap -A scan will do that
anyway.  Also, anyone who actually uses Netbus as a legit remote
administration application has bigger issues to deal with.

Cheers,
Fyodor


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: