Nmap Development mailing list archives
Re: Is this command-line syntax correct? And is mysql-vuln-cve2012-2122.nse on the main repository?
From: Hani Benhabiles <kroosec () gmail com>
Date: Tue, 21 Aug 2012 09:11:45 +0100
On 08/21/2012 08:07 AM, Richard Miles wrote:
Hi all Today I was trying to do a nmap scan on my whole internal network testing for all these categories: - auth - brute - exploit - intrusive - vuln However I don't want the following scripts to run to prevent account lockout here: - smb-brute - ldap-brute I did the following command: nmap -n -sV -O --script "(auth and brute and exploit and intrusive and vuln) and not smb-brute or ldap-brute" -iL hosts.txt -oN Test.txt However I'm not sure if it's working because I got absolutely no output from any script, OK, maybe my network is not vulnerable to any of these tests, but I'm not sure, because it was very fast to run and for example I have a lot of MySQL servers, telnet servers and web applications / web-servers. Is this syntax correct for my needs? If not, can someone please point me the correct one? I also saw a nice script ( http://seclists.org/nmap-dev/2012/q2/att-711/mysql-vuln-cve2012-2122.nse), but I was unable to find it on the main repository. There is a plan to make it part of main nmap repository? Thanks again. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Hi Richard,In case you are in doubt of wether the scripts run in your environment, you could use the -d debug flag to get more information on the scan and see what scripts were launched.
Cheers, Hani. -- Hani Benhabiles Twitter: https://twitter.com/#!/kroosec Blog: http://kroosec.blogspot.com _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Is this command-line syntax correct? And is mysql-vuln-cve2012-2122.nse on the main repository? Richard Miles (Aug 21)
- Re: Is this command-line syntax correct? And is mysql-vuln-cve2012-2122.nse on the main repository? Hani Benhabiles (Aug 21)
- Re: Is this command-line syntax correct? And is mysql-vuln-cve2012-2122.nse on the main repository? Daniel Miller (Aug 21)