Scanning for Confiker via nmap

[jsawyer at ufl.edu (John Sawyer)]

Grab these three files and you should be good to go.

scripts/smb-check-vulns.nse
nselib/msrpc.lua
nselib/smb.lua

-jhs

On Mar 30, 2009, at 2:11 PM, Chris Merkel wrote:

> You should be able to just grab the NSE file from SVN - no need to
> recompile nmap, right?
>
> - Chris
>
> 2009/3/30 John Sawyer <jsawyer at ufl.edu>:
> > The Conficker check is in the latest SVN version of Nmap. It's in the
> > smb-check-vulns.nse which now checks for Conficker, MS08-067 and a  
> > regsvc
> > DoS.
> >
> > nmap --script smb-check-vulns.nse -p445
> >
> > For safety's sake, you might want to also run it with --script- 
> > args=unsafe=1
> > to prevent possible crashes from the regsvc check. That should not  
> > turn off
> > the conficker check.
> >
> > -jhs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090330/d46f05fc/attachment.htm