[ GSoC Nmap scripting engine ]

[Ashish Raste <rasteashish () gmail com>]

Hi all,

I'm Ashish from Singapore. I went through the GSoC ideas list of Nmap.
Being a guy interested in network security and system security, I'm willing
to work for the Nmap scripting engine project. Some of my recent works in
the security related concepts are hosted
here<https://github.com/ashishraste>(a minifirewall and arp-dns-attack
code using pcap library)

My preference list on that project are (i)Vulnerability and exploitation,
(ii)Discovery scanning and (iii)Web scanning.
My concern is on the Lua scripting language which I'm not familiar with but
I believe that I can catch up with it quickly.

After going through some malware related scripts(all of them are written in
Lua I guess), I understood that those scripts look for a particular string
to be in the network packet received, and many of them use built in
functions like format_output, http.get_url which are pretty cool and easy
for retrieving the required data. I would like to get your reply on my
questions below:

1. I am currently following the vulnerability announcement lists including
Bugtraq. I would like to know the expectation for this project and any
starters that you can recommend?
2. Can anyone put forward or refer me to any recent interesting
vulnerability/malware that I can go through and propose a solution for it?
3. Can I submit my initial solution in a pseudocode format or in Bash
scripts until I get a hold on Lua?

I hope I won't be late in submitting my proposal.

Thanks!

Best,
-- 
Ashish
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/