Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: GSoC 2011: NSE Script Development
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sat, 2 Apr 2011 22:54:11 +0300

If there is some particularly long listing you might want to have a
separate script for that one and limit default output like
quake3-getservers and gopher-info do. Otherwise I'd say just write it
first. It is always easier to work on details once we see how it looks
in practice.

On Sat, Apr 2, 2011 at 10:40 PM, Gorjan Petrovski <mogi57 () gmail com> wrote:
I've been looking through the commands that the client can send and it
seems that the info script output is going to be very long. There are
many commands which if successful, would produce valuable information
(ex. system passwords, running processes). I'm still selecting which
information would be included in the output, but I had to ask, is
there a maximum preferred length for the script output?


On Sat, Apr 2, 2011 at 7:14 PM, Gorjan Petrovski <mogi57 () gmail com> wrote:
Sorry I didn't answer sooner, I'm getting right on it.

On Thu, Mar 31, 2011 at 3:32 PM, Toni Ruottu <toni.ruottu () iki fi> wrote:
The output will probably be somewhat similar to that of netbus-info.
See the example output at
http://nmap.org/nsedoc/scripts/netbus-info.html There is no need to
copy the categories from netbus-info. Just use what ever makes most
sense with backorifice.

On Thu, Mar 31, 2011 at 2:12 AM, David Fifield <david () bamsoftware com> wrote:
On Wed, Mar 30, 2011 at 09:10:53PM +0200, Gorjan Petrovski wrote:
Hello,

I have experimented somewhat with the Windows and Unix backorifice
client, and found out that the Unix client is constantly crashing the
server. I'll use the Unix client source code for reference(for crypto,
etc.), however I'm gonna base most of the script on the Wireshark
analyses of the Windows client.

Gorjan, could you edit the Script_Ideas page and fill in examples of the
kind of information that a backorifice-info script would be able to
find. It's a good idea but the description could be better. The best is
if you can include some sample output, wihch the script will look like
when it is finished.

I'm assuming you already know about the protocol and what its
capabilities are; if you are still learning and don't know yet, then
don't worry about it.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault