Aleksandar's status report #9 of 17

[Aleksandar Nikolic <nikolic.alek () gmail com>]

Hi all,

Achievements for last week:
- pcanywhere vuln scan still on hold, waiting for some results
- instead of adding a brand new script for tomcat, decided it wasn't worth it
and added more credentials to http-default-accounts
- at David's request looked into brute.lua and ways to specify custom iterators
- looked into and made report for VMWare related vulnerabilities which
came up during last week's NSE brainstorming meeting
- looked into and made report for OpenSSH related vulnerabilities
which came up during last week's NSE brainstorming meeting


An idea for flexible custom iterators for brute scripts came during
discussions with David. The idea is for a script to be able to add
both custom and default iterators as well as to be able just to add a
custom username to the list of existing usernames.
I've started looking into how can this, and similar things, be done
with current versions of brute and unpwdb libs and how it could be
improved.
Next on queue is a new Metasploit brute script.
After that, I'll be focusing on improvements to duplicates.


Aleksandar
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/