Nmap Development mailing list archives
Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024)
From: Kevin Johnson <kjohnson () secureideas net>
Date: Fri, 18 Aug 2006 21:30:05 -0400
On Aug 18, 2006, at 10:26 AM, Felix Groebert wrote:
Hi, I just finished a NSE to test whether a Nameserver resolves a query recursive. I ran into some problems writing the NSE, mainly due to my lack of experience with lua.
What problem did you run into? I am enjoying this LUA stuff and might be able to help.....
I patched NSE 4.20ALPHA4 with a patch from the lua-users mailinglist to support bitwise operations. I did not review the license (probably same as lua) or the security of the patch[3]. The dns-test-open-recursion.lua script requires the patch. See [1] for patches and downloads.
I guess I missed this patch. I will go look for it....
snip..... - NSE is a very cool feature, I really like it <:
I agree completely..... when the idea was first announced I wasn't sure, but now that I have seen the "finished" product, I love it!
Some questions: - Is it possible to generate lua from perl or python?
Funny your should ask, once I finish the readme file, I am going to be sending out a perl program that will generate lua files based on the Nikto database called Nikto-NSE.
[1] http://groebert.org/felix/pub/nmap/nmap-4.20ALPHA4-NSE-bitops.patch http://groebert.org/felix/pub/nmap/dns-test-open-recursion.lua http://groebert.org/felix/pub/nmap/
Again, thanks for the great work on Nmap and the NSE add on Kevin --------------------- GCIA, GCIH, CEH BASE Project Lead http://base.secureideas.net The next step in IDS analysis! _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Felix Groebert (Aug 18)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Kevin Johnson (Aug 18)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Diman Todorov (Sep 05)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Diman Todorov (Sep 09)