Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] New script: qnx-qconn.nse
From: David Fifield <david () bamsoftware com>
Date: Thu, 8 Aug 2013 20:19:42 -0700

On Sun, Jul 28, 2013 at 08:09:37PM +1000, Brendan Coles wrote:
Better late than never. I've implemented all suggested changes. Revised
script attached.

Example output:

PORT     STATE SERVICE VERSION
8000/tcp open  qconn   qconn remote IDE support
| qnx-qconn:
|   VULNERABLE:
|   The QNX QCONN daemon allows remote command execution.
|     State: VULNERABLE
|     Risk factor: High
|     Description:
|       The QNX QCONN daemon allows unauthenticated users to execute
arbitrary operating
|       system commands as the 'root' user.
|
|     References:
|
http://www.fishnetsecurity.com/6labs/blog/pentesting-qnx-neutrino-rtos
|_      http://metasploit.org/modules/exploit/unix/misc/qnx_qconn_exec

Thanks for the script. I renamed it to qconn-exec to match the format of
some other exec scripts, and committed it in r31705.

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault