Nmap Development mailing list archives
Re: GSoC 2012 Project - Vulnerability and exploitation specialist
From: David Fifield <david () bamsoftware com>
Date: Wed, 28 Mar 2012 22:38:00 -0700
On Wed, Mar 28, 2012 at 04:03:55PM +0200, Aleksandar Nikolic wrote:
Hi, I've added two vulnerability entries as Mr. Harouni suggested. Apart from that, some people reported that the script didn't work on some Windows 7 machines as expected, so I've updated the script to fix that. Although I have tested it against vulnerable Windows XP and Windows 7 machines, there could still be some issues, so if you test this, and it doesn't work as expected, please contact me.
Thanks for being so quick with these updates. I have just committed your script. I was not able to test it against a vulnerable installation, but I saw it doing the test and correctly reporting "not vulnerable." If the script finds a service that is not RDP, it marks it NOT_VULN. Is that the convention in other scripts? It seems like it should simply leave it unset in this case, because we really don't have positive confirmation that the vulnerability is not present. We have roughly the same level of knowledge as if the script had not been run. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- GSoC 2012 Project - Vulnerability and exploitation specialist Aleksandar Nikolic (Mar 23)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Toni Ruottu (Mar 23)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist David Fifield (Mar 23)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Aleksandar Nikolic (Mar 24)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Aleksandar Nikolic (Mar 25)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Djalal Harouni (Mar 26)
- Message not available
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Aleksandar Nikolic (Mar 26)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Djalal Harouni (Mar 26)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Aleksandar Nikolic (Mar 28)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist David Fifield (Mar 28)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Djalal Harouni (Mar 29)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Aleksandar Nikolic (Mar 29)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist David Fifield (Mar 29)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Toni Ruottu (Mar 29)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist David Fifield (Mar 29)
- Re: GSoC 2012 Project - Vulnerability and exploitation specialist Aleksandar Nikolic (Mar 24)