Nmap Development mailing list archives
ftp-capabilities.nse
From: Ron <ron () skullsecurity net>
Date: Thu, 17 Sep 2009 15:04:49 -0500
In response to that Microsoft FTP vulnerability from a week or two ago, Xavier at blog.rootshell.be wrote an NSE script to detect vulnerable FTP servers. I linked to it in my blog, and found that people were having issues running it (I determined this was due to an undeclared variable). So, I gave it an overhaul to the way I like to write scripts and put it up here:
http://www.skullsecurity.org/blogdata/ftp-capabilities.nse Fortunately, he left the Nmap license on it.I think it might need more work before being checked in as an actual script. It does what I wrote it to do well enough, finding systems that allow mkdir. What else do people want to know about ftp servers? Any comments/concerns?
That sort of leads me to another thought: anybody have feelings about creating an nse category for "experimental" scripts? That is, scripts that more or less work fine but haven't been tested enough to call stable? I've written a lot of scripts in the past few weeks that I post to the list for people to test, but it'd be nice to stick it in svn without having to use a nmap-exp branch. I find things getting lost in the shuffle, since I work on them from at least 3 different systems, and often pass stuff to myself via email. Any opinions on that?
Ron _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- ftp-capabilities.nse Ron (Sep 17)
- Re: ftp-capabilities.nse Fyodor (Sep 17)
- Re: ftp-capabilities.nse Ron (Sep 17)
- Re: ftp-capabilities.nse Fyodor (Sep 17)