Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: backorifice-brute NSE script
From: Gorjan Petrovski <mogi57 () gmail com>
Date: Wed, 4 May 2011 18:45:46 +0200

And since the service can be configured to run on any port, what kind
of a rule should initiate this script?
If I use shortport.port_or_service(31337, "BackOrifice","udp"), it
won't be able to run on any port, and this script will be the main one
to identify a BackOrifice service running on any port. The probe is no
good, because it only works with default encryption (initial seed
31337) on port 31337.

On Wed, May 4, 2011 at 6:30 PM, Patrick Donnelly <batrick () batbytes com> wrote:
On Wed, May 4, 2011 at 9:11 AM, Gorjan Petrovski <mogi57 () gmail com> wrote:
Should a brute script update version info?

Probably not. I think backorifice-version would be more appropriate if possible.

So, with above answer in mind, should backorifice-brute update version
info if it finds the password?

Yes, definitely. Thanks for explaining.

- Patrick Donnelly

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]