Re: How Do I Use the Scripts Found in C:\Program Files (x86)\Nmap\scripts

[Teo En Ming <teo.en.ming () gmail com>]

Dear Daniel,

I want to put my newly installed Snort intrusion detection system to the
test. Could you tell me which of the 470 scripts are exploit scripts, ie,
can be used in penetration testing?

Thank you.

Regards,

Teo En Ming


On Tue, Apr 22, 2014 at 11:41 PM, Daniel Miller <bonsaiviking () gmail com>wrote:

> On 04/22/2014 08:24 AM, Teo En Ming wrote:
>
> > Oh I found out already. I just have to specify --scripts "all" to use all
> > the 470 scripts for scanning.
> >
> > Regards,
> >
> > Teo En Ming
> >
> >
> > On Tue, Apr 22, 2014 at 8:22 PM, Teo En Ming <teo.en.ming () gmail com>
> > wrote:
> >
> >  Hi,
> > > How do I construct a nmap command to use the scripts found in C:\Program
> > > Files (x86)\Nmap\scripts ?
> > >
> > > For example, I know I can execute
> > >
> > > nmap -p 443 --script ssl-heartbleed.nse <IP address>
> > >
> > > But what about the other 470 scripts? Are they exploitation scripts?
> > >
> > > Thank you.
> > >
> > > Regards,
> > >
> > > Teo En Ming
> > >
> > >
> > >  _______________________________________________
> > Sent through the dev mailing list
> > http://nmap.org/mailman/listinfo/dev
> > Archived at http://seclists.org/nmap-dev/
> >
> >  Teo En Ming,
>
> Using --script "all" is not recommended, since several of those scripts
> are denial-of-service ("dos" category), some can crash systems, many do not
> work without specific arguments, and at least one will run indefinitely
> (last I checked). Please either use the "default" category (same as doing
> -sC) or do the research on each category or script separately to determine
> the appropriate ones to use.
>
> Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/