Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Adding "dangerous" checks?

From: "Richard Sammet" <richard.sammet () googlemail com>
Date: Mon, 3 Nov 2008 17:55:30 +0100
Hi Ron,

how about using the check method/function from the metasploit exploit
module for this "bug"?

http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/smb/ms08_067_netapi.rb

the actual licens should be fine with nmap's - please correct me if i
am wrong on this one.

as of "Oct-10-2008 Metasploit 3.2 BSD Licensing (hdm)"
(http://metasploit.com/blog/) everything should be fine....

best regards,
richard


On Mon, Nov 3, 2008 at 12:18 PM, Ron <ron () skullsecurity net> wrote:

I was thinking of adding a check for ms08-067 (among others) as a script
based on the traffic generated by this:
http://labs.portcullis.co.uk/downloads/ms08-067_check.py

However, it can potentially crash the srvsvc.exe service, which forces a
reboot. I'm also not sure how licensing works if I'm working from a packet
capture (this code may originally be from a Nessus plugin).

Thoughts?

Ron

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org





-- 
The major quality problem of open mailing lists is that everybody can
take part. (/me)

ATTENTION!
PLEASE ENCRYPT MESSAGES AND ATTACHMENTS IF THEY CONTAIN PRIVATE INFORMATION!

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: