mailing list archives
Re: [RFC] Default NSE Scripts
From: Fyodor <fyodor () insecure org>
Date: Sat, 10 May 2008 12:10:43 -0700
On Sat, May 10, 2008 at 11:53:38PM +0530, Kris Katterjohn wrote:
Good point. In fact, we already have such a version detection probe:
match winshell m/^Microsoft Windows ((2000)|(XP)|(NT 4\.0)) \[Version ([\d.]+)\]\r\n\(C\) Copyright 1985-20\d\d
Microsoft Corp\.\r\n\r\n/ p/Microsoft Windows $1 $5 cmd.exe/ o/Windows/ i/**BACKDOOR**/
Removing this script sounds like the way to go, though making it
demo-only is a reasonable alternative.
I'll put the script in "demo" when I start back working probably later
tonight (or remove it all together if desired).
Unless someone suggests a reason to keep it, I vote for removing
mswindowsShell.nse. The demo category should be for scripts which
demonstrate something useful or are particularly instructive in
writing NSE scripts. I don't think it should be a dumping ground for
scripts we don't really want.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
Re: [RFC] Default NSE Scripts jah (May 10)
Re: [RFC] Default NSE Scripts Diman Todorov (May 11)
Re: [RFC] Default NSE Scripts Fyodor (May 12)