Nmap Development mailing list archives

Wai Tuck's GSOC status report #8 of 17


From: Wong Wai Tuck <wongwaituck () gmail com>
Date: Tue, 04 Jul 2017 06:55:38 +0000

Hey list,

Accomplishments
- Finished Puppet Script, made a PR - #928 [1]
- Submitted a long email containing the details for the upcoming pwdprofile
integration with unpwdb and pwdmangle, you can check it out here [2] and
comment on it if you haven't seen it already!
- Added file verification functionality to see if the correct file was
included for the lfi checks in exploit.lua

Priorities
- Add more file signatures to the file verification functionality
- Start work on pwdprofile and pwdmangle once feedback from the community
is received
- Explore adding XSS payloads and SQL payloads into exploit.lua
- Write an exploit script (I have a bunch of ASUS routers and am looking at
CVE-2017-6548 [3] now)

[1]: https://github.com/nmap/nmap/pull/928
[2]: http://seclists.org/nmap-dev/2017/q3/0
[3]: https://www.exploit-db.com/exploits/41573/

Thanks!

Wai Tuck

On Tue, Jun 27, 2017 at 4:23 AM Wong Wai Tuck <wongwaituck () gmail com> wrote:

Hey all!

I have received some feedback for exploit.lua and have looked at several
scripts and now I have a much clearer idea of what to write in the coming
weeks.

This week has been productive and I had a lot of great fun working with
Puppet!

Accomplishments
- Wrote and committed http-vuln-cve2017-8917.nse as of revision 36825.
- Wrote a script to detect the naive signing misconfiguration in Puppet
servers
- Wrote some improvements for http-passwd, waiting for mentor's feedback

Priorities
- Complete Puppet misconfiguration script
- Complete http-passwd improvements
- Continue development of exploit.lua
- Start work on password profiling and password mangling

With Regards
Wai Tuck


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
