Nmap Development mailing list archives

Re: [GSoC 2015] Proposal


From: Daniel Miller <bonsaiviking () gmail com>
Date: Sat, 14 Mar 2015 08:56:54 -0500

Egon,

Thanks for your interest! We already have a couple scripts for this kind of
thing. First, there is http-devframework [1], which runs a web spider over
a site looking for signs of particular web frameworks like Django, ASP.NET,
Joomla, etc. Then, we have http-enum [2], which uses a different set of
fingerprints to define particular requests and response checks to identify
various devices, web software, and common URI paths, etc.

I think your idea sounds like it would fit best as a few more fingerprints
in http-devframework. This would be a nice small project to get comfortable
with NSE and Lua syntax. If you're looking for something more advanced, you
could work on an existing bug we have open for our http-slowloris script
[3]. Or you could sift through exploit-db.com or the full-disclosure
mailing list looking for interesting things to turn into exploit scripts.
Here's one example: Seagate Business NAS Unauthenticated Remote Command
Execution [4]

Dan

[1] http://nmap.org/nsedoc/scripts/http-devframework.html
[2] http://nmap.org/nsedoc/scripts/http-enum.html
[3] http://issues.nmap.org/63
[4] http://www.exploit-db.com/exploits/36264/

On Sat, Mar 14, 2015 at 5:43 AM, Egon Stefán <donhekus () gmail com> wrote:

Hi everyone!

I want to write a script which tries to find out which popular WCMS system is
used on web servers (e107, SMF, etc).
This isn't the best proposal for the position I want (Vulnerability
and exploitation specialist), but I think this is a good start for NSE
and Lua.
I want to scan typical folders and files which identify the WCMS system.
Is this idea good, or should I think about another idea?

Thanks for help,
Egon

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
