Nmap Development mailing list archives
Re: [NSE] Shodan exploits database library (and demo script)
From: Fyodor <fyodor () insecure org>
Date: Sun, 12 Dec 2010 11:37:02 -0800
On Sun, Dec 12, 2010 at 12:19:29PM +0100, Gutek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Just an update. As promised, I've started working from scratch on a real exploits search script.
Great!
This gives something like this (example from one of the dozen exploits matching "apache"): NSE: [EXPLOIT VERSION] 2.0.52 NSE: [NUMERIZE] i=1 k=2(2) NSE: [NUMERIZE] i=2 k=0(0) NSE: [NUMERIZE] i=3 k=52(17.333333333333) NSE: [NUMERIZE] serial=19.333333333333
I'm not sure that this will work well. For example, Apache 2.2.17 is much newer and yet would only get a value of 9.67 (2/1 + 2/2 + 17/3). In general, after you split the version numb in to segments like "2", "2", "17", I think a higher value in an earlier segment should overrule a higher value in a later segment. So I'd count 2.2.17 higher than even 2.1.999. Maybe you rather than divide the values by i above, you should divide by something like a million to the i power. Or maybe a better interface would talke both version numbers and return a value whether the test one is less, equal to, or more than the reference. After all, version numbers can have a lot of compexity. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Shodan exploits database library (and demo script) Gutek (Nov 12)
- Re: [NSE] Shodan exploits database library (and demo script) David Fifield (Nov 22)
- Re: [NSE] Shodan exploits database library (and demo script) Gutek (Nov 22)
- Re: [NSE] Shodan exploits database library (and demo script) David Fifield (Nov 29)
- Re: [NSE] Shodan exploits database library (and demo script) Gutek (Nov 30)
- Re: [NSE] Shodan exploits database library (and demo script) Gutek (Dec 12)
- Re: [NSE] Shodan exploits database library (and demo script) Fyodor (Dec 12)
- Re: [NSE] Shodan exploits database library (and demo script) Gutek (Dec 12)
- RE: [NSE] Shodan exploits database library (and demo script) Rob Nicholls (Dec 13)
- Re: [NSE] Shodan exploits database library (and demo script) Fyodor (Dec 13)
- Re: [NSE] Shodan exploits database library (and demo script) Gutek (Nov 22)
- Re: [NSE] Shodan exploits database library (and demo script) David Fifield (Nov 22)