Home page logo

nmap-dev logo Nmap Development mailing list archives

General Webdav NSE script and the new IIS6 vulnerability
From: Fyodor <fyodor () insecure org>
Date: Tue, 19 May 2009 12:38:40 -0700

Hi All.  I noticed a thread on the security-basics list where someone
was asking about an NSE script to detect the new IIS authentication
bypass vulnerability:

The vuln: http://seclists.org/fulldisclosure/2009/May/att-0134/IIS_Advisory_pdf
More vuln details: http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html 
Webdav+Nmap security-basics thread: http://seclists.org/basics/2009/May/0160.html

I was just starting to recognize that we should really write a script
for detecting this when Ron IM'd me to say he was doing just that :).
He's working furiously on it at the moment and we can expect an
announcement from him today!  Yay!

But that security-basics thread also highlighted an old, more general
Webdav script from Kris which some people were using to help find
potentially vulnerable systems (those with IIS6+WebDAV enabled):


So my questions are:

1) What is the status of this script?  Is it ready to be cleaned up
   and integrated?  I suppose it would need NSEDoc comments, but is
   there anything else missing or restructuring needed?  Maybe Kris
   can let us know his thoughts on this.

2) Do people want this script in Nmap?  Anyone want to test it out and
   report back to nmap-dev how it worked for you, whether it would be
   useful for you going forward, and any suggestions you might have
   for improving it?


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]