Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts
From: Fyodor <fyodor () insecure org>
Date: Sat, 10 May 2008 12:10:43 -0700

On Sat, May 10, 2008 at 11:53:38PM +0530, Kris Katterjohn wrote:

Good point.  In fact, we already have such a version detection probe:

match winshell m/^Microsoft Windows ((2000)|(XP)|(NT 4\.0)) \[Version ([\d.]+)\]\r\n\(C\) Copyright 1985-20\d\d 
Microsoft Corp\.\r\n\r\n/ p/Microsoft Windows $1 $5 cmd.exe/ o/Windows/ i/**BACKDOOR**/

Removing this script sounds like the way to go, though making it
demo-only is a reasonable alternative.

I'll put the script in "demo" when I start back working probably later
tonight (or remove it all together if desired).

Unless someone suggests a reason to keep it, I vote for removing
mswindowsShell.nse.  The demo category should be for scripts which
demonstrate something useful or are particularly instructive in
writing NSE scripts.  I don't think it should be a dumping ground for
scripts we don't really want.


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]