Nmap Development mailing list archives
Re: [NSE] New script krb5-enum-users
From: David Fifield <david () bamsoftware com>
Date: Sat, 22 Oct 2011 11:05:32 -0700
On Sat, Oct 22, 2011 at 03:41:01PM +0200, Patrik Karlsson wrote:
Den 10/22/11 12:54 PM skrev Duarte Silva <duarte.silva () serializing me>:Hi, after looking at Patrik new kerberos user enumeration script, it got me tinkering about the categories of user enumeration scripts. After some grep'ing I got the following categories (I may have missed some?).domino-enum-users.nse:categories = {"intrusive", "auth"} http-userdir-enum.nse:categories = {"discovery", "intrusive"} krb5-enum-users.nse:categories = {"auth", "discovery", "safe"} mysql-users.nse:categories = {"discovery", "intrusive"} ncp-enum-users.nse:categories = {"discovery", "safe"} oracle-enum-users.nse:categories = {"intrusive", "auth"} sip-enum-users.nse:categories = {"intrusive", "auth"} smb-enum-users.nse:categories = {"discovery","intrusive"} smtp-enum-users.nse:categories = {"discovery","external","intrusive"} snmp-win32-users.nse:categories = {"default", "discovery", "safe"} http-wordpress-enum.nse:categories = {"discovery", "auth", "intrusive","vuln"} Taking into account the NSE categories descriptions [1], with the exception of snmp-win32-users.nse and ncp-enum-users.nse, all the scripts should, in my opinion, be considered intrusive since they will brute force the user names. The discovery category would be removed from all of them since we aren't "discover(ing) more about the network by querying public registries". All of them would be in the auth category. Any thoughts? Ideas?I think this sounds reasonable (removing discovery and adding auth). Unless anyone strongly objects feel free to send me a patch and I will apply it.
It sounds good to me too. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New script krb5-enum-users Patrik Karlsson (Oct 19)
- Re: [NSE] New script krb5-enum-users Duarte Silva (Oct 22)
- Re: [NSE] New script krb5-enum-users Patrik Karlsson (Oct 22)
- Re: [NSE] New script krb5-enum-users David Fifield (Oct 22)
- Re: [NSE] New script krb5-enum-users Duarte Silva (Oct 22)
- Re: [NSE] New script krb5-enum-users Patrik Karlsson (Oct 22)
- Re: [NSE] New script krb5-enum-users Duarte Silva (Oct 23)
- Re: [NSE] New script krb5-enum-users Patrik Karlsson (Oct 22)
- Re: [NSE] New script krb5-enum-users Duarte Silva (Oct 22)