Nmap Development mailing list archives
Re: Re: Choosing a list of scripts (NSE), but ignored by nmap.
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Wed, 1 Apr 2009 19:33:15 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Also remember that Nmap has the --datadir option. I've got so many different SVN builds of Nmap all over the place that my standard-operating-procedure has been to change to the local Nmap directory and then do ./nmap --datadir . <more options here> Also, don't forget to keep your script.db up-to-date. Use: nmap --datadir <path> --script-updatedb Brandon On Wed, 01 Apr 2009 14:04:38 -0500 Ron <ron () skullsecurity net> wrote:
Not all, just the good ones ;) If you run Nmap with -d (or maybe -d2), it'll tell you which scripts are supposed to run, based on the open ports. Try that, and if maybe post it here. Richard Miles wrote:Hi Ron, Good to heard from you again, you are in all mail-lists. :) But all this scripts exist locally, see below: -rw-r--r-- 1 root root 9.3K Sep 12 2008 ASN.nse -rw-r--r-- 1 root root 2.1K Sep 12 2008 HTTPAuth.nse -rw-r--r-- 1 root root 2.4K Sep 12 2008 HTTP_open_proxy.nse -rw-r--r-- 1 root root 2.5K Sep 12 2008 HTTPpasswd.nse -rw-r--r-- 1 root root 2.5K Sep 12 2008 HTTPtrace.nse -rw-r--r-- 1 root root 9.1K Sep 12 2008 MSSQLm.nse -rw-r--r-- 1 root root 5.0K Sep 12 2008 MySQLinfo.nse -rw-r--r-- 1 root root 3.7K Sep 12 2008 PPTPversion.nse -rw-r--r-- 1 root root 1.1K Sep 12 2008 RealVNC_auth_bypass.nse -rw-r--r-- 1 root root 4.3K Sep 12 2008 SMTP_openrelay_test.nse -rw-r--r-- 1 root root 4.3K Sep 12 2008 SMTPcommands.nse -rw-r--r-- 1 root root 2.3K Sep 12 2008 SNMPcommunitybrute.nse -rw-r--r-- 1 root root 2.9K Sep 12 2008 SNMPsysdescr.nse -rw-r--r-- 1 root root 6.4K Sep 12 2008 SQLInject.nse -rw-r--r-- 1 root root 1.3K Sep 12 2008 SSHv1-support.nse -rw-r--r-- 1 root root 6.5K Sep 12 2008 SSLv2-support.nse -rw-r--r-- 1 root root 5.9K Sep 12 2008 UPnP-info.nse -rw-r--r-- 1 root root 1.2K Sep 12 2008 anonFTP.nse -rw-r--r-- 1 root root 2.1K Sep 12 2008 brutePOP3.nse -rw-r--r-- 1 root root 5.4K Sep 12 2008 bruteTelnet.nse -rw-r--r-- 1 root root 589 Sep 12 2008 chargenTest.nse -rw-r--r-- 1 root root 512 Sep 12 2008 daytimeTest.nse -rw-r--r-- 1 root root 6.3K Sep 12 2008 dns-safe-recursion-port.nse -rw-r--r-- 1 root root 6.3K Sep 12 2008 dns-safe-recursion-txid.nse -rw-r--r-- 1 root root 1.2K Sep 12 2008 dns-test-open-recursion.nse -rw-r--r-- 1 root root 602 Sep 12 2008 echoTest.nse -rw-r--r-- 1 root root 490 Sep 12 2008 finger.nse -rw-r--r-- 1 root root 3.8K Sep 12 2008 ftpbounce.nse -rw-r--r-- 1 root root 1.2K Sep 12 2008 iax2Detect.nse -rw-r--r-- 1 root root 6.6K Sep 12 2008 ircServerInfo.nse -rw-r--r-- 1 root root 574 Sep 12 2008 ircZombieTest.nse -rw-r--r-- 1 root root 5.9K Sep 12 2008 nbstat.nse -rw-r--r-- 1 root root 18K Sep 12 2008 netbios-smb-os-discovery.nse -rw-r--r-- 1 root root 885 Sep 12 2008 popcapa.nse -rw-r--r-- 1 root root 4.0K Sep 12 2008 promiscuous.nse -rw-r--r-- 1 root root 863 Sep 12 2008 ripeQuery.nse -rw-r--r-- 1 root root 2.6K Sep 12 2008 robots.nse -rw-r--r-- 1 root root 4.0K Sep 12 2008 rpcinfo.nse -rw-r--r-- 1 root root 5.6K Apr 1 10:39 script.db -rw-r--r-- 1 root root 1.8K Sep 12 2008 showHTMLTitle.nse -rw-r--r-- 1 root root 2.2K Sep 12 2008 showHTTPVersion.nse -rw-r--r-- 1 root root 1.6K Sep 12 2008 showOwner.nse -rw-r--r-- 1 root root 655 Sep 12 2008 showSMTPVersion.nse -rw-r--r-- 1 root root 975 Sep 12 2008 showSSHVersion.nse -rw-r--r-- 1 root root 1.4K Sep 12 2008 skype_v2-version.nse -rw-r--r-- 1 root root 921 Sep 12 2008 strangeSMTPport.nse -rw-r--r-- 1 root root 88K Sep 12 2008 whois.nse -rw-r--r-- 1 root root 1.5K Sep 12 2008 xamppDefaultPass.nse -rw-r--r-- 1 root root 12K Sep 12 2008 zoneTrans.nse I tested --script=all and --scripts=ALL and the result is the same. Any clue for me? Thanks On Wed, Apr 1, 2009 at 1:32 PM, Ron <ron () skullsecurity net> wrote:Richard Miles wrote:Hi I use nmap for a long time, but I'm new at the script world. There are some really exciting scripts.... congratulations! I went to run the following collections of scripts together with nmap: finger,anonFTP,showSMTPVersion,showHTMLTitle,nbstat,HTTPAuth,MSSQLm,MySQLinfo,RealVNC_auth_bypass,netbios-smb-os-discovery,SNMPcommunitybrute,SNMPsysdescr,UPnP-info But it never worked. I used in different ways like: nmap -PN -sT -sU --script=finger,anonFTP,showSMTPVersion,showHTMLTitle,nbstat,HTTPAuth,MSSQLm,MySQLinfo,RealVNC_auth_bypass,netbios-smb-os-discovery,SNMPcommunitybrute,SNMPsysdescr,UPnP-info --script-args=safe=1 -v MyIP nmap -PN -sT -sU --script=finger.nse,anonFTP.nse,showSMTPVersion.nse,showHTMLTitle.nse,nbstat.nse,HTTPAuth.nse,MSSQLm.nse,MySQLinfo.nse,RealVNC_auth_bypass.nse,netbios-smb-os-discovery.nse,SNMPcommunitybrute.nse,SNMPsysdescr.nse,UPnP-info.nse --script-args=safe=1 -v MyIP nmap -PN -sT -sU --script=finger,anonFTP,showSMTPVersion,showHTMLTitle,nbstat,HTTPAuth,MSSQLm,MySQLinfo,RealVNC_auth_bypass,netbios-smb-os-discovery,SNMPcommunitybrute,SNMPsysdescr,UPnP-info -v MyIP nmap -PN -sT -sU --script=ALL -v MyIP nmap -PN -sT -sU --script=/usr/share/nmap/scripts/ -v MyIP nmap -PN -sT -sU -sC -v MyIP What is the problem: At MyIP I have all this services running, and it always only report NETBIOS stuff, sometimes ssh version and sometimes the whois and AS number. :( Why this can be happening? This scripts do not show anything even if it's not vulnerable? For example in the case of VNC. Also at my /usr/share/nmap/scripts/ there is not conflicker check, and it's uptodate. Thanks. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.OrgHi Richard, The names of the scripts have changed since whatever it is you're using. They're now in the form <protocol>-<script>, such as smb-pwdump.nse. You can find the list in /usr/local/share/nmap/scripts or c:\program files\nmap\scripts. To do all, I use --script=all (not sure if case matters). Good luck with scripts, I'm personally a huge fan of Nmap scripts. I love 'em! :) Ron_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (GNU/Linux) iEYEARECAAYFAknTwXwACgkQqaGPzAsl94LWuQCbBHwH+mcCD046cq6NtAFKWoSM fmoAoJLBe4AuLybzoo2KDN2J0IWHKoxu =dVZu -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Choosing a list of scripts (NSE), but ignored by nmap. Richard Miles (Apr 01)
- Re: Choosing a list of scripts (NSE), but ignored by nmap. Ron (Apr 01)
- Re: Choosing a list of scripts (NSE), but ignored by nmap. Richard Miles (Apr 01)
- Re: Choosing a list of scripts (NSE), but ignored by nmap. Ron (Apr 01)
- Re: Re: Choosing a list of scripts (NSE), but ignored by nmap. Brandon Enright (Apr 01)
- Message not available
- Re: Choosing a list of scripts (NSE), but ignored by nmap. Richard Miles (Apr 03)
- Re: Choosing a list of scripts (NSE), but ignored by nmap. Ron (Apr 04)
- Re: Choosing a list of scripts (NSE), but ignored by nmap. Richard Miles (Apr 01)
- Re: Choosing a list of scripts (NSE), but ignored by nmap. Ron (Apr 01)
- Re: Choosing a list of scripts (NSE), but ignored by nmap. David Fifield (Apr 01)