Nmap Development mailing list archives

Re: GSoC 2012 Project - Vulnerability and exploitation specialist


From: David Fifield <david () bamsoftware com>
Date: Fri, 23 Mar 2012 19:04:13 -0700

On Fri, Mar 23, 2012 at 10:36:06PM +0100, Aleksandar Nikolic wrote:
> Hi,
> 
> I am Aleksandar Nikolic, a final-year Computer Science student at the
> Faculty Of Technical Sciences, University of Novi Sad. I have
> some experience in vulnerability and exploit research, and would
> like to apply for the position of Script developer - Vulnerability
> and exploitation specialist in the upcoming Google Summer Of Code.
> Since student applications haven't started yet I won't talk a lot
> about myself now, but guidelines from Google suggest trying to
> contact the community and possibly discuss the project.

> In an attempt to prepare for the application and to get familiar with
> nmap's scripting engine I wrote a script to test for the recent Windows
> RDP vulnerability. Everybody is talking about the vulnerability and
> until today I was unaware of a way to check if a machine is vulnerable
> or not without causing the BSoD. My script is based on work by sleepya.
> His tests are crafted in a way that would avoid triggering the BSoD.
> Please see the attached code for details.

> Of course, this script would need to be thoroughly tested, but my
> tests have shown that it works, at least on Windows XP. Also, I've
> just started playing with NSE and wanted to share this with you since
> it is a hot topic currently. Please let me know if I should make some
> improvements. I hope that you will find it useful.

Thanks Aleksandar. I'm looking forward to reading your application.
About the script, I agree that it's mysterious to have so many
unexplained hex codes in there. We like to document those whenever
possible, otherwise no one will be able to understand and modify the
script later.

What interests me is how this script works without BSOD when other
techniques don't. What makes the difference? That's what I would like to
see in documentation comments.

> On topic, do you have any suggestions for me regarding the application
> for this position?

For script writers, we like to see knowledge of Lua and networking, but
especially ideas for the kinds of scripts you intend to write that are a
good match for your skills.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/