Nmap Development mailing list archives

Re: Is this command-line syntax correct? And is mysql-vuln-cve2012-2122.nse on the main repository?


From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 21 Aug 2012 06:35:23 -0500

Richard,

You should probably do a check through the scripts that are being
selected to be sure you haven't included anything you don't want (such
as denial-of-service scripts). You can see a listing of scripts that
match a particular selector by changing --script to --script-help.
This will also give a lot of extra information about each script to
help you make a selection.

To do exactly what you said here, you should change the "and"s in
parentheses to "or"s, like so: "(auth or brute or exploit or intrusive
or vuln) and not (smb-brute or ldap-brute)". Note the extra
parentheses around the 2 scripts at the end. What you had previously
would match any script that had all those 5 categories (which is no
script), specifically excluding smb-brute, and specifically including
ldap-brute.

Dan

On Tue, Aug 21, 2012 at 2:07 AM, Richard Miles
<richard.k.miles () googlemail com> wrote:
Hi all

Today I was trying to do an nmap scan on my whole internal network testing
for all these categories:

- auth
- brute
- exploit
- intrusive
- vuln

However I don't want the following scripts to run to prevent account
lockout here:

- smb-brute
- ldap-brute

I did the following command:

nmap -n -sV -O --script "(auth and brute and exploit and intrusive and
vuln) and not smb-brute or ldap-brute" -iL hosts.txt -oN Test.txt

However I'm not sure if it's working because I got absolutely no output
from any script, OK, maybe my network is not vulnerable to any of these
tests, but I'm not sure, because it was very fast to run and for example I
have a lot of MySQL servers, telnet servers and web applications /
web-servers.

Is this syntax correct for my needs? If not, can someone please point me
to the correct one?

I also saw a nice script (
http://seclists.org/nmap-dev/2012/q2/att-711/mysql-vuln-cve2012-2122.nse),
but I was unable to find it on the main repository. Is there a plan to make
it part of the main nmap repository?

Thanks again.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
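
Added example, not part of the original thread and not Nmap's own code: a small evaluator for boolean --script expressions, using the precedence Nmap documents (not, then and, then or), to show which scripts each version of the expression discussed above would select. The catalogue and the select() helper are assumptions made for illustration; only script names and category names are handled (no wildcards, "all", or file paths).

```python
import re

# Constructed catalogue (script -> categories); illustrative, not Nmap's script.db.
CATALOGUE = {
    "smb-brute": {"brute", "intrusive"},
    "ldap-brute": {"brute", "intrusive"},
    "mysql-brute": {"brute", "intrusive"},
    "http-auth": {"auth", "default", "safe"},
    "ftp-vsftpd-backdoor": {"exploit", "intrusive", "malware", "vuln"},
    "http-title": {"default", "discovery", "safe"},
}

def select(expr, catalogue=CATALOGUE):
    """Return sorted script names matched by a boolean --script expression."""
    tokens = re.findall(r"[()]|[^\s()]+", expr)
    def matches(script):
        pos = 0
        def peek():
            return tokens[pos] if pos < len(tokens) else None
        def take():
            nonlocal pos
            pos += 1
            return tokens[pos - 1]
        def parse_or():                      # "or" binds loosest
            value = parse_and()
            while peek() == "or":
                take()
                rhs = parse_and()            # always parse; no short-circuit
                value = value or rhs
            return value
        def parse_and():
            value = parse_not()
            while peek() == "and":
                take()
                rhs = parse_not()
                value = value and rhs
            return value
        def parse_not():                     # "not" binds tightest
            tok = take()
            if tok == "not":
                return not parse_not()
            if tok == "(":
                value = parse_or()
                if take() != ")":
                    raise ValueError("expected ')'")
                return value
            # A bare name matches the script itself or one of its categories.
            return tok == script or tok in catalogue[script]
        return parse_or()
    return sorted(name for name in catalogue if matches(name))
```

Against this constructed catalogue, the expression from the original command selects only ldap-brute, while the corrected expression selects ftp-vsftpd-backdoor, http-auth and mysql-brute. Changing the "and"s to "or"s without the extra parentheses still pulls ldap-brute back in.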