Nmap Development mailing list archives

Re: [NSE] New script krb5-enum-users
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 22 Oct 2011 15:41:01 +0200



On 10/22/11 12:54 PM, Duarte Silva <duarte.silva () serializing me> wrote:

Hi,

after looking at Patrik's new Kerberos user enumeration script, it got me
tinkering about the categories of user enumeration scripts. After some
grep'ing I got the following categories (I may have missed some?).

domino-enum-users.nse:categories = {"intrusive", "auth"}
http-userdir-enum.nse:categories = {"discovery", "intrusive"}
krb5-enum-users.nse:categories = {"auth", "discovery", "safe"}
mysql-users.nse:categories = {"discovery", "intrusive"}
ncp-enum-users.nse:categories = {"discovery", "safe"}
oracle-enum-users.nse:categories = {"intrusive", "auth"}
sip-enum-users.nse:categories = {"intrusive", "auth"}
smb-enum-users.nse:categories = {"discovery","intrusive"}
smtp-enum-users.nse:categories = {"discovery","external","intrusive"}
snmp-win32-users.nse:categories = {"default", "discovery", "safe"}
http-wordpress-enum.nse:categories = {"discovery", "auth", "intrusive", "vuln"}

Taking into account the NSE categories descriptions [1], with the
exception of snmp-win32-users.nse and ncp-enum-users.nse, all the
scripts should, in my opinion, be considered intrusive since they will
brute force the user names.

The discovery category would be removed from all of them since we aren't
"discover(ing) more about the network by querying public registries".

All of them would be in the auth category. Any thoughts? Ideas?

I think this sounds reasonable (removing discovery and adding auth).
Unless anyone strongly objects feel free to send me a patch and I will
apply it.

Cheers,
//Patrik



Regards,
Duarte Silva

[1] http://nmap.org/book/nse-usage.html#nse-categories







_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

