New NSE: KnFTPD service | Find and Explore (CVE-2012-5905)

[Leandro Rocha <lrocha () conviso com br>]

Hello folks,

I have written a NSE script to check a vulnerability to CVE-2012-5905. If
the target is vulnerable, the script is going to execute a remote code and
get a Command Shell.

There is no patch available for this vulnerability yet.

Because of the exploration do not know if this script is in agreement with
the proposal of Nmap which is network discovery and security auditing.
Regardless of this the script is available to everyone, if needs some
adaptation to submit to Nmap, let me know.

It follows references about the script.

Code:
https://github.com/rochax/NSEE

Video:
http://www.youtube.com/watch?feature=player_embedded&v=HJv5I5xCVU8

Blog Post:
http://goo.gl/5bwne<http://translate.google.com.br/translate?hl=pt-BR&sl=pt&tl=en&u=http%3A%2F%2Fblog.conviso.com.br%2F2013%2F01%2Fexploracao-automatizada-com-nmap.html>


Cheers,
Leandro
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/