Nmap Development mailing list archives
Re: [nmap-svn] r33690 - nmap/scripts
From: Daniel Miller <bonsaiviking () gmail com>
Date: Sat, 20 Sep 2014 07:55:56 -0500
Paul and Rob, You are listed as authors on this script, so I'm addressing you directly. The copy of this script that was committed was clearly not the one you tested with: the action function had no return value, so it would never provide any output. I think I've corrected that, but I don't have a vulnerable device to test with. The script looks like it's a bit incomplete. The username and password are retrieved, but only displayed if the user turns on debugging. They should probably be returned along with the vulns report. Also, there's an escape function that's used in several places, but it is just a string.gsub that doesn't actually do any substitutions. I'd appreciate a little more attention given to this script so that users can have confidence in their results. Thanks! Dan On Sat, Sep 20, 2014 at 12:40 AM, <commit-mailer () nmap org> wrote:
Author: dmiller Date: Sat Sep 20 05:40:47 2014 New Revision: 33690 Log: Make http-vuln-wnr1000-creds actually return something Modified: nmap/scripts/http-vuln-wnr1000-creds.nse Modified: nmap/scripts/http-vuln-wnr1000-creds.nse ============================================================================== --- nmap/scripts/http-vuln-wnr1000-creds.nse (original) +++ nmap/scripts/http-vuln-wnr1000-creds.nse Sat Sep 20 05:40:47 2014 @@ -79,13 +79,15 @@ if payload_session then local netgear_username = string.match(escape(payload_session.body), 'Router Admin Username</td>.+align="left">(.+)</td>.+Router Admin') local netgear_password = string.match(escape(payload_session.body), 'Router Admin Password</td>.+align="left">(.+)</td>.+MNUText') - if (username ~= nil and password ~= nil) then + if (netgear_username ~= nil and netgear_password ~= nil) then stdnse.debug1("username : %s", escape(netgear_username)) stdnse.debug1("password : %s", escape(netgear_password)) + vuln.state = vulns.STATE.VULN else stdnse.debug1("We haven't been able to get username/password") end end end end + return vuln_report:make_output(vuln) end _______________________________________________ Sent through the svn mailing list http://nmap.org/mailman/listinfo/svn
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nmap-svn] r33690 - nmap/scripts Daniel Miller (Sep 20)