Nmap Development mailing list archives
Re: [NSE] New script: qnx-qconn.nse
From: David Fifield <david () bamsoftware com>
Date: Thu, 8 Aug 2013 20:19:42 -0700
On Sun, Jul 28, 2013 at 08:09:37PM +1000, Brendan Coles wrote:
Better late than never. I've implemented all suggested changes. Revised script attached. Example output: PORT STATE SERVICE VERSION 8000/tcp open qconn qconn remote IDE support | qnx-qconn: | VULNERABLE: | The QNX QCONN daemon allows remote command execution. | State: VULNERABLE | Risk factor: High | Description: | The QNX QCONN daemon allows unauthenticated users to execute arbitrary operating | system commands as the 'root' user. | | References: | http://www.fishnetsecurity.com/6labs/blog/pentesting-qnx-neutrino-rtos |_ http://metasploit.org/modules/exploit/unix/misc/qnx_qconn_exec
Thanks for the script. I renamed it to qconn-exec to match the format of some other exec scripts, and committed it in r31705. David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] New script: qnx-qconn.nse Brendan Coles (Jul 28)
- Re: [NSE] New script: qnx-qconn.nse David Fifield (Aug 08)