Nmap Development mailing list archives
[NSE] Improvement on CVE 2012-1823
From: Paul AMAR <aos.paul () gmail com>
Date: Fri, 6 Dec 2013 23:16:12 +0100
Hi everyone,

I made some improvements to the NSE script for CVE 2012-1823. The attached file is my improved script. The previous script is located here: https://svn.nmap.org/nmap/scripts/http-vuln-cve2012-1823.nse

As asked, I improved the detection method by using an echo command (as George Chatzisofroniou proposed to me). Moreover, I added the possibility to execute a command. (By default the command is "uname -a".)

So basically, to launch the script now, it should be like this:

./nmap -p80 --script http-vuln-cve2012-1823 --script-args 'http-vuln-cve2012-1823.cmd=whoami, http-vuln-cve2012-1823.uri=/' 192.168.56.102

To perform my tests, I used a virtual machine created by PentesterLab which creates a vulnerable environment using this flaw.

Feel free to comment on my contribution.

Regards,
Paul

And for my first post, a quick introduction: I'm currently a student (French) and I'd like to apply to the Google Summer of Code this year.
Attachment:
http-vuln-cve2012-1823.nse
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/