Home page logo
/

nmap-dev logo Nmap Development mailing list archives

RE: NSE to audit MS Windows Patch Levels
From: Drazen Popovic <Drazen.Popovic () fer hr>
Date: Sun, 30 Jan 2011 17:55:17 +0100

Hi Yehuda,
what you're talking about is called, in terms of Nessus/OpenVAS, windows local checks.
The concept here is to access the registry remotely using the RPC service called
Remote Registry to check for versions/patches... NSE provides "msrpc.lua" which
relies on "smb.lua" to do RPC stuff, but the implementation of RPC client for
that RPC service is still hanging afaik. So this is in development stage for
the time being.

http://www.openvas.org/compendium/windows-local-security-checks.html

Most of these local checks are automatized in a way that you implement a parser
which reads security advisories written in certain format and generates a script
that will do the check.

Regards,
Dra┬×en.


-----Original Message-----
From: nmap-dev-bounces () insecure org on behalf of Yehuda Eisenstark
Sent: Sun 1/30/2011 16:47
To: nmap-dev () insecure org
Subject: NSE to audit MS Windows Patch Levels
 
Hi,

I'm obviously new to NSE, but was wondering if I wanted to develop NSE
scripts to audit MS Windows machine's patch levels by logging on to the
machines and checking file version numbers (where applicable) are there nmap
lua libraries already written to help me do this? If so are there any
examples someone can point me to?

Thanks,

 - Y
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault