Nmap Development mailing list archives

nmap_lua attack scripting alpha release


From: Diman Todorov <diman () xover mud at>
Date: Fri, 16 Jun 2006 01:27:57 +0200

Hello list,
I just finished a first release of the nmap + lua attack scripting
system.

The idea is similar to nessus' NASL: scan for open ports and then
perform penetration tests on the open ports. The tests are written in
lua. The current version is not final, it is bound to change.
Nevertheless the basic infrastructure is working. The tarball contains
4 sample scripts to give you an idea of what can be done with nmap-lua.
A script to extract the title from an HTML site, a script to get an
smtp version string, a script to print the sshd version without being
logged (echo trick) and a script to show the owner of a service by
querying identd.

The tarball can be downloaded at
http://xover.mud.at/~diman/nmap-4.10LUA.tar.bz2
In nmap-4.10LUA/ you will find README-LUA, which contains installation
instructions and general documentation regarding execution and
development of nmap-lua scripts.

If you have some spare time, you might want to play around with the
scripts. Let me know if you find any bugs, if you have ideas, if you
write any scripts or if you simply hate my design :)

cheers
Diman


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

