Nmap Development mailing list archives
Re: [NSE] Created NSE script to detect Zimbra 0 day
From: Ron <ron () skullsecurity net>
Date: Thu, 19 Dec 2013 11:10:08 -0800
I fixed up the code quite a bit and submitted it on irc, it cleanly detects vulnerable and patched hosts now. Ron On 19 Dec 2013 10:34, George Chatzisofroniou <sophron () latthi com> wrote:
On Wed, Dec 18, 2013 at 06:18:57PM -0600, Ron wrote:The issue with the script as-is is, once the vuln is patched, it'll keep reporting it's vulnerable, I think, unless they just delete the file. if you try to grab a "bad" file (like /etc/shadow), everything seem to work fine.There are some fixes around already. By fixing the LFI, the HTTP response status won't be 200, so the script will not return a false positive.It works if I switch out the string.match() with "==". I don't know why, though!That's because Lua string.match() method expects a pattern as a second argument (not a raw string) and the special "-" character is interpreted as the Lua modifier for repetitions. Thanks for cathing this. -- George Chatzisofroniou
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Created NSE script to detect Zimbra 0 day, (continued)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Ron (Dec 18)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Paul AMAR (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Ron (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Ron (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Paul AMAR (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Ron (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Ron (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Daniel Miller (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Robin Wood (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Paul AMAR (Dec 19)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Ron (Dec 18)
- Re: [NSE] Created NSE script to detect Zimbra 0 day Paul AMAR (Dec 20)