Re: There is a script to detect ms010_061?

[Richard Miles <richard.k.miles () googlemail com>]

Too bad you know it and you can't write it. I believe it's a contract issue :(

What's the problem in write the check for Nessus?

Anyone is working on it?

Thanks

On Fri, Nov 5, 2010 at 8:51 AM, Ron <ron () skullsecurity net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> No, but it IS possible to check for ms10-061 remotely. Against Windows 2000, XP, and 2003, it isn't an *incredibly* 
> difficult check to write. Against Vista and higher it's pretty tricky, but do-able.
>
> I can't personally write it, because I've worked on the check for Nessus, but I encourage others to try! The kb lists 
> the files that were changed:
> http://support.microsoft.com/kb/2347290
>
> And the patchdiff2 tool is free and can be used with IDA to analyze the differences between the patched/unpatched 
> files.
>
> Good luck!
>
>
> On Fri, 5 Nov 2010 08:37:03 -0500 Richard Miles <richard.k.miles () googlemail com> wrote:
> > Hi
> >
> > There is a script to detect  ms010_061? Like you do with
> > smb-check-vulns...
> >
> > If not, should be a awesome improvement.
> >
> > Thanks
> > _______________________________________________
> > Sent through the nmap-dev mailing list
> > http://cgi.insecure.org/mailman/listinfo/nmap-dev
> > Archived at http://seclists.org/nmap-dev/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.16 (GNU/Linux)
>
> iEYEARECAAYFAkzUC9cACgkQ2t2zxlt4g/QPmACeLATJnK5LSzXrElsEGlfGPFjF
> gW0An2Ko4dLP/YPfxc+AcLUukoUjXy1a
> =LPFh
> -----END PGP SIGNATURE-----
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/