Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Updated smb-check-vulns.nse for SMBv2

From: Ron <ron () skullsecurity net>
Date: Mon, 14 Sep 2009 10:47:09 -0500
Blog: http://www.skullsecurity.org/blog/?p=331
It's short and simple, but it doesn't hurt to let people know what's going on. 

On 09/14/2009 10:23 AM, Ron wrote:

I just checked in an updated version of smb-check-vulns.nse that will
check for the SMBv2 vulnerability (by crashing the system and seeing if
it's offline).

I decided to sidestep the whole 'DoS' issue the same way I did before,
and used a script argument to control whether or not it runs.
smb-check-vulns.nse requires you to pass --script-args=unsafe=1 to run
checks that are guaranteed to crash vulnerable hosts. If the user
doesn't pass that parameter, the outputs tells them to.

I'm going to write a blog post about it shortly, I'll post a link when
that's done.

Ron

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: