Nmap Development mailing list archives
Re: backorifice-brute NSE script
From: Patrick Donnelly <batrick () batbytes com>
Date: Wed, 4 May 2011 16:15:32 -0400
On Wed, May 4, 2011 at 12:45 PM, Gorjan Petrovski <mogi57 () gmail com> wrote:
And since the service can be configured to run on any port, what kind of a rule should initiate this script? If I use shortport.port_or_service(31337, "BackOrifice","udp"), it won't be able to run on any port, and this script will be the main one to identify a BackOrifice service running on any port. The probe is no good, because it only works with default encryption (initial seed 31337) on port 31337.
There are version scripts which run on (almost) any open port. See skypev2-version.nse portrule. However, as I understand it, the BackOrifice service looks filtered unless you can authenticate properly with it. If we were to run backorifice-brute against all unfiltered UDP ports... that would take a while ;). I think for this we need a script argument where the user suggests a port list to run against. Something like: --script-arg 'backorifice-brute.ports=31338' or --script-arg 'backorifice-brute.ports=1-65536'. -- - Patrick Donnelly _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: backorifice-brute NSE script, (continued)
- Re: backorifice-brute NSE script Patrick Donnelly (May 02)
- Re: backorifice-brute NSE script David Fifield (May 02)
- Re: backorifice-brute NSE script Daniel Miller (May 02)
- Re: backorifice-brute NSE script Patrik Karlsson (May 03)
- Re: backorifice-brute NSE script Patrik Karlsson (May 09)
- Re: backorifice-brute NSE script Gorjan Petrovski (May 04)
- Re: backorifice-brute NSE script David Fifield (May 02)
- Re: backorifice-brute NSE script Gorjan Petrovski (May 04)
- Re: backorifice-brute NSE script Patrick Donnelly (May 04)
- Re: backorifice-brute NSE script Gorjan Petrovski (May 04)
- Re: backorifice-brute NSE script Toni Ruottu (May 04)
- Re: backorifice-brute NSE script Patrick Donnelly (May 04)
- Re: backorifice-brute NSE script Gorjan Petrovski (May 05)
- Re: backorifice-brute NSE script Patrick Donnelly (May 02)
- Re: backorifice-brute NSE script Toni Ruottu (May 04)
- Re: backorifice-brute NSE script Gorjan Petrovski (May 05)