Nmap Development mailing list archives
Re: [NSE Script] HTTP probe for /etc/passwd
From: Fyodor <fyodor () insecure org>
Date: Sat, 21 Jul 2007 22:36:55 -0700
On Sat, Jul 21, 2007 at 06:15:03PM +0000, Brandon Enright wrote:
80/tcp open http | HTTP /etc/passwd probe: root::0:0:root:/root:/bin/bash | bin:*:1:1:bin:/bin:/sbin/nologin | daemon:*:2:2:daemon:/sbin:/sbin/nologin | adm:*:3:4:adm:/var/adm:/sbin/nologin | lp:*:4:7:lp:/var/spool/lpd:/sbin/nologin | sync:*:5:0:sync:/sbin:/bin/sync
Looks promising. I think we should print the URL which ended up working against the server. That would also allow for more zealous cropping of the password file itself. Like maybe we chould show just the first 15 lines unless we are in debug mode. It is important that we don't overwelm the user. Thanks for doing so much testing. Its great that this already helped you find one vulnerable system.
fingerprint are all the odd HTTP servers we have running around here. Your portrule looks for 80, 8000, or "http". If we have some strange HTTP server running on 1234 this script wont run.
Well it should still run as long as version detection is used. And I would in general strongly recommend version detection be used whenever -sC is. The -A option includes both. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE Script] HTTP probe for /etc/passwd Kris Katterjohn (Jul 20)
- Re: [NSE Script] HTTP probe for /etc/passwd MadHat Unspecific (Jul 20)
- Re: [NSE Script] HTTP probe for /etc/passwd Brandon Enright (Jul 20)
- Re: [NSE Script] HTTP probe for /etc/passwd Kris Katterjohn (Jul 20)
- Re: [NSE Script] HTTP probe for /etc/passwd Kris Katterjohn (Jul 21)
- Re: [NSE Script] HTTP probe for /etc/passwd Brandon Enright (Jul 21)
- Re: [NSE Script] HTTP probe for /etc/passwd Kris Katterjohn (Jul 21)
- Re: [NSE Script] HTTP probe for /etc/passwd Brandon Enright (Jul 20)
- Re: [NSE Script] HTTP probe for /etc/passwd Brandon Enright (Jul 21)
- Re: [NSE Script] HTTP probe for /etc/passwd Kris Katterjohn (Jul 21)
- Re: [NSE Script] HTTP probe for /etc/passwd Fyodor (Jul 21)
- Re: [NSE Script] HTTP probe for /etc/passwd Brandon Enright (Jul 22)
- Re: [NSE Script] HTTP probe for /etc/passwd Fyodor (Jul 22)
- Re: [NSE Script] HTTP probe for /etc/passwd MadHat Unspecific (Jul 20)
- Re: [NSE Script] HTTP probe for /etc/passwd Gaveen Prabhasara (Jul 22)
- Re: [NSE Script] HTTP probe for /etc/passwd Arturo 'Buanzo' Busleiman (Jul 22)
- Re: [NSE Script] HTTP probe for /etc/passwd Gaveen Prabhasara (Jul 22)
- Re: [NSE Script] HTTP probe for /etc/passwd Arturo 'Buanzo' Busleiman (Jul 23)
- Re: [NSE Script] HTTP probe for /etc/passwd Kris Katterjohn (Jul 22)