Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: [NSE Script] MySQL Server Information

Re: [NSE Script] MySQL Server Information

From: Brandon Enright <bmenrigh_at_ucsd.edu>
Date: Wed, 19 Dec 2007 00:53:12 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 19 Dec 2007 00:40:08 +0000
jah <jah_at_zadkiel.plus.com> wrote:

> I think that this thread is getting difficult to follow! ;)

Agreed.

>
> From my point of view I think it's clear that an ideal would be to
> have one script, which defaults to the "safe" mode of gathering
> information, but which can also be stepped-up to be more intrusive
> should the user require it. Otherwise we'd have a brute-force script
> that did exactly the same as the info script (with, obviously, the
> bruting too) and that seems rather counter-intuitive. Much better, I
> think, to have all the functionality in one script and a) not
> needlessly introduce code redundancy and b) not needlessly increase
> the amount of network activity in such cases (for example) where all
> scripts are run.
>
> For now though the current script is very useful and stands alone.
> In the future (and assuming that MySQLinfo is checked-in), it might
> be replaced with a script that increases the functionality, but
> behaves the same in it's default mode.
>
> And here's a mad thought, there could be a complete overhaul of the
> script category framework which would allow a modifier category of
> some kind:
>
> categories = {"safe", "discovery"}
> modified-by = {"intrusive", "vulnerability"}
>
> so that a script in the above categories would behave safely if a
> script scan called for safe and discovery scripts, but would behave
> more intrusively if a scan called for intrusive and vulnerability
> scripts.
>
> hmmmmm, what thinketh youeth?
>
> jah
>

This is an interesting idea. You can accomplish what you described
above with a few hacks using the registry (may take more than one
script though). Along those lines, I'd like to be able to exclude
scripts by category. For example, we've already had several people hung
up on bruteTelnet.nse. I'd like a couple of categories to be added like
"slow" and "brute-force".

Then, I can run "all" scripts while still not running certain ones like
so:

nmap ... --script=all --no-script=brute-force ...

Sometimes I want to run some intrusive scripts and not others. As we
get more and more scripts, it becomes harder to list the right scripts
and categories without also including ones you don't want.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHaGt4qaGPzAsl94IRAhjDAJ9DFNYHQhaX7fvdR9WHIZXDGzVa4gCgu3TZ
zY4lN4qV4JAEXZb+3Zyaeps=
=h62v
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Dec 18 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]