Nmap Development mailing list archives
Re: [NSE] script to detect phpfilevault version 09
From: Johanna Curiel <johannapcuriel () gmail com>
Date: Sat, 20 Aug 2016 19:01:12 -0400
Hi Daniel,

Thank you for the feedback. As you can see, I'm a beginner with regard to NSE ;-) . Indeed, adding the path to the http-fingerprints file adds the same functionality, but given how little this plugin is used, it might not even be worth it. For me it is about learning Lua and NSE scripting, so I appreciate your feedback.

With regard to NSE scripts that might be more interesting to contribute to, I have been looking at this: https://secwiki.org/w/Nmap/Script_Ideas#vulndb

Could you provide a little more info on the requirements described there?

When looking into vulnerabilities and creating NSE scripts for them, what kind of vulnerabilities have priority or could be interesting to write for? I have been looking into them in exploit-db, but as you have pointed out, there are other considerations, such as how popular the software is and the impact of the vulnerability, or even considering adding the path to the database if a script like http-enum can be used.

After a while writing some Lua, I kind of feel comfortable enough to write a more robust NSE script with which I can contribute, but at the same time, a script that is also valuable to the community.

Your guidance on this is highly appreciated.

Cheers

Johanna

On Fri, Aug 19, 2016 at 5:49 PM, Daniel Miller <bonsaiviking () gmail com> wrote:

Johanna,

Thanks for this contribution. Given the simplicity of the check, I think you could easily convert it to a http-enum fingerprint [1]. Check out the fingerprints file in nselib/data/http-fingerprints.lua. This has the added benefit of handling a few common cases that might cause false-positives, specifically servers that return 200 OK for every request.

I don't think it would work well as a standalone script because of how little this plugin is used: only 119 downloads in the last year, 90 or so of which came immediately after the vulnerability was disclosed.

Let us know how it goes! We'd be glad to help and credit you with your first entry in the CHANGELOG.

Dan

[1] https://nmap.org/nsedoc/scripts/http-enum.html

On Thu, Jul 28, 2016 at 10:58 PM, Johanna Curiel <johannapcuriel () gmail com> wrote:

Hi list,

A couple of days ago the following vulnerability was reported:
https://www.exploit-db.com/exploits/40163/

I wrote the following NSE script (tested):
https://github.com/jowasp/nmap/blob/master/scripts/http-phpfilevault09-dir-traversal.nse

Cheers

Johanna

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
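The false-positive case raised in the thread (a server that returns 200 OK for every request), handled in a standalone NSE check with the `http` library's `identify_404` and `page_exists` helpers. This is an added example, not Johanna's script and not code from the Nmap distribution; `PLUGIN_PATH` is a placeholder because the thread does not give the plugin's path.

```lua
-- Added example: baseline the server's "not found" behaviour before trusting
-- a 200 response for a probed path.
local http = require "http"
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Reports whether a given path exists on a web server, after baselining how the
server answers requests for pages that do not exist.
]]

author = "example"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"discovery", "safe"}

portrule = shortport.http

-- Placeholder (assumption): the thread does not state the plugin's path.
local PLUGIN_PATH = "/PLACEHOLDER-PLUGIN-PATH/"

action = function(host, port)
  -- Ask for pages that should not exist and record how the server replies:
  -- result_404 is the status code to expect, known_404 a cleaned-up body
  -- used when that status is not a real 404.
  local ok, result_404, known_404 = http.identify_404(host, port)
  if not ok then
    stdnse.debug1("Could not baseline 404 behaviour: %s", tostring(result_404))
    return nil
  end
  if result_404 == 200 then
    stdnse.debug1("Server answers 200 for unknown pages; status alone proves nothing.")
  end

  local response = http.get(host, port, PLUGIN_PATH)

  -- page_exists() judges the response against the baseline, so a 200 whose
  -- body matches the known "not found" page is not reported as a hit.
  if http.page_exists(response, result_404, known_404, PLUGIN_PATH, false) then
    return ("Found %s"):format(PLUGIN_PATH)
  end
  return nil
end
```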
Current thread:
- [NSE] script to detect phpfilevault version 09 Johanna Curiel (Jul 28)
- Re: [NSE] script to detect phpfilevault version 09 Daniel Miller (Aug 19)
- Re: [NSE] script to detect phpfilevault version 09 Johanna Curiel (Aug 20)
- Re: [NSE] script to detect phpfilevault version 09 Johanna Curiel (Aug 21)