Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Stuxnet / ms10-073 check. Anybody finished it?
From: Richard Miles <richard.k.miles () googlemail com>
Date: Sun, 19 Jun 2011 10:40:49 -0500

Thanks Mark for your fast answer.

This script is very interesting, but I'm talking about an script able
to identify the vulnerability  (ms10-073) exploited by Stuxnet. For
example, smb-check identify if an host is infected by conficker and
it's very nice, but the most interesting in my opinion is the
possibility to detect if my machines are still vulnerable to ms08_067.
Are you considering to extend this script for this check?

I guess it would be awesome.


On Sun, Jun 19, 2011 at 10:14 AM, Mak Kolybabi <mak () kolybabi com> wrote:
On 2011-06-19 10:11, Richard Miles wrote:
Sometime ago I saw that Ron and Mark were discussing about add an check to
Stuxnet / ms10-073, but I never heard anything about it or found the NSE
script. What happened? It was not possible to create an NSE script for this?

I believe stuxnet-detect[1] is what you're looking for.

[1] http://nmap.org/svn/scripts/stuxnet-detect.nse

Mak Kolybabi
<mak () kolybabi com>

() ASCII Ribbon Campaign | Against HTML e-mail
/\  www.asciiribbon.org  | Against proprietary extensions

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]