Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Djalal's Status Report - #5 of 17
From: Djalal Harouni <tixxdz () opendz org>
Date: Tue, 31 May 2011 09:13:04 +0100

Hi,

Accomplishments:
* Added the smtp.lua library, currently it supports:
  Plaintext and ssl connections.
  The ability to switch from plaintext to ssl by starttls.
  Low level functions to send and receive.
  The ehlo command.

  This is in my branch: nmap-exp/djalal/nse-vuln

* Updated the smtp-vuln-cve2011-1720.nse script, the Postfix Cyrus
  SASL auth memory corruption script to use the smtp.lua library.
  This is in my branch: nmap-exp/djalal/nse-vuln

* Started the smtp-vuln-cve2010-4344 script, which will check for the
  Exim heap overflow CVE-2010-4344.
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-4344

* Uploaded the http architecture draft to my branch, still missing some
  points (need to discuss them with Henri).
  nmap-exp/djalal/http_arch_proposal.txt


Priorities:
* Finish the smtp-vuln-cve2010-4344.nse script.
* Discuss the HTTP architecture draft with my mentor.
* Research more vulnerability and exploit scripts and work on them
  https://secwiki.org/w/Nmap/Script_Ideas#Djalal_Harouni

-- 
tixxdz
http://opendz.org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • Djalal's Status Report - #5 of 17 Djalal Harouni (May 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]