Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Some scripts for analyzing NetBus
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sun, 16 Jan 2011 21:38:29 +0200

Should we also have it in the default category? I think this is the
type of thing you might not be actually looking for, but finding about
it by accident would be nice.

On Sat, Jan 15, 2011 at 11:33 PM, Fyodor <fyodor () insecure org> wrote:
On Sat, Jan 15, 2011 at 05:37:53PM +0200, Toni Ruottu wrote:
To this mail, I have attached a patch that should fix all the netbus
script problems that have been pointed out.

Thanks, I've applied that.  I also put netbus-auth-bypass in the safe
category as you suggested in an earlier mail today.  That matches
realvnc-auth-bypass.nse, which is also in the safe category.  There is
the whole "likely to invalidate existing connections to the Netbus
server" aspect, but it sounds like a normal nmap -A scan will do that
anyway.  Also, anyone who actually uses Netbus as a legit remote
administration application has bigger issues to deal with.

Cheers,
Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault