Re: Stuxnet / ms10-073 check. Anybody finished it?

[Fyodor <fyodor () insecure org>]

On Sun, Jun 19, 2011 at 11:37:48AM -0500, Richard Miles wrote:
> Hi Mak and all,
>
> Sorry, just now I noted that I wrote the wrong reference number for
> the vulnerability, I'm taking about an check for ms10-061, that also
> already have an exploit in metasploit:
>
> http://www.metasploit.com/modules/exploit/windows/smb/ms10_061_spoolss
>
> I guess this will be an great, really great check together with
> smb-vulns that look for smb-8-067 that is also awesome.
>
> I don't know if this helps in write the code to nmap, but nessus has
> an script to detect it....
>
> http://nessus.de/plugins/index.php?view=single&id=49219
>
> OpenVAS also has a check for it, but I don't know if it's that great.
>
> http://openvas.komma-nix.de/nasl.php?oid=901150
>
> What I really love about smb-vulns in nmap is that it's very
> trustable, not sure about Nessus and OpenVAS test for this
> vulnerability in special...
>
> Nessus and OpenVAS are nice, but I really prefer nmap - thanks to you all guys.

Hi Richard.  That sounds like a promising candidate!  Would you add it
to the incoming section of our script ideas wiki
(https://secwiki.org/w/Nmap_Script_Ideas)?  Please include those
valuable links.  With a good description and references like this,
hopefully someone will see it and give implementation a shot!

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/