Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] New script: qnx-qconn.nse

From: David Fifield <david () bamsoftware com>
Date: Thu, 8 Aug 2013 20:19:42 -0700
On Sun, Jul 28, 2013 at 08:09:37PM +1000, Brendan Coles wrote:

Better late than never. I've implemented all suggested changes. Revised
script attached.

Example output:

PORT     STATE SERVICE VERSION
8000/tcp open  qconn   qconn remote IDE support
| qnx-qconn:
|   VULNERABLE:
|   The QNX QCONN daemon allows remote command execution.
|     State: VULNERABLE
|     Risk factor: High
|     Description:
|       The QNX QCONN daemon allows unauthenticated users to execute
arbitrary operating
|       system commands as the 'root' user.
|
|     References:
|
http://www.fishnetsecurity.com/6labs/blog/pentesting-qnx-neutrino-rtos
|_      http://metasploit.org/modules/exploit/unix/misc/qnx_qconn_exec


Thanks for the script. I renamed it to qconn-exec to match the format of
some other exec scripts, and committed it in r31705.

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: