Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Missing argument documentation 3

From: David Matousek <david () matousec com>
Date: Thu, 24 Jan 2013 19:41:16 +0100
Well, I read there "This script abuses this to inject and execute a Java class
file that executes the supplied shell command and returns its output.". This
sounds kind of intrusive to me, but maybe not according to the definition of
intrusive category. So, just suggesting a check of this. If you find it fitting
then it is all OK.

All best,

David



David Fifield wrote:

On Thu, Jan 24, 2013 at 07:04:20AM +0100, David Matousek wrote:

besides documentation issues in http-userdir-enum and http-vhosts scripts I have reported earlier,
here are some more scripts with similar issues:

ip-forwarding
irc-botnet-channels
jdwp-exec (+ this one is classified as safe + discovery ONLY, is that right?)
jdwp-inject (+ this one is classified as safe + discovery ONLY, is that right?)

Script stuxnet-detect.nse on line 22 is missing '<' character in first "</code>":
--       <code>%h/code> replaced by the host's IP address, and <code>%v</code>

Script wsdd-discover has this usage line in the documentation (and source code):
sudo ./nmap --script broadcast-wsdd-discover
seems like the script was renamed imperfectly ...


Thanks, I've fixed these.

What categories were you thinking for jdwp-exec and jdwp-inject?

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/




_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: