Nmap Development mailing list archives
Re: [GSoC 2015] Proposal
From: Egon Stefán <donhekus () gmail com>
Date: Sun, 15 Mar 2015 22:38:33 +0100
Hi,

I started to write a script for Seagate Business NAS Unauthenticated Remote Command Execution [1], but I haven't got any idea how I can test it. Should I emulate a test environment or something like this?

Thanks for help,
Egon

[1] http://www.exploit-db.com/exploits/36264/

2015-03-14 14:56 GMT+01:00 Daniel Miller <bonsaiviking () gmail com>:

> Egon,
>
> Thanks for your interest! We already have a couple scripts for this kind of thing. First, there is http-devframework [1], which runs a web spider over a site looking for signs of particular web frameworks like Django, ASP.NET, Joomla, etc. Then, we have http-enum [2], which uses a different set of fingerprints to define particular requests and response checks to identify various devices, web software, and common URI paths, etc.
>
> I think your idea sounds like it would fit best as a few more fingerprints in http-devframework. This would be a nice small project to get comfortable with NSE and Lua syntax. If you're looking for something more advanced, you could work on an existing bug we have open for our http-slowloris script [3]. Or you could sift through exploit-db.com or the full-disclosure mailing list looking for interesting things to turn into exploit scripts. Here's one example: Seagate Business NAS Unauthenticated Remote Command Execution [4]
>
> Dan
>
> [1] http://nmap.org/nsedoc/scripts/http-devframework.html
> [2] http://nmap.org/nsedoc/scripts/http-enum.html
> [3] http://issues.nmap.org/63
> [4] http://www.exploit-db.com/exploits/36264/
>
> On Sat, Mar 14, 2015 at 5:43 AM, Egon Stefán <donhekus () gmail com> wrote:
>
> > Hi everyone!
> >
> > I want to write a script which tries to find out what popular WCMS system is used on web servers (e107, SMF, etc.). This isn't the best proposal for the position that I want (Vulnerability and exploitation specialist), but I think this is a good start for NSE and Lua. I want to scan typical folders and files which identify the WCMS system. Is this idea good, or should I think about another idea?
> >
> > Thanks for help,
> > Egon

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/