Nmap Development mailing list archives

Re: PR: 1202 new nmap detect script - NagiosXI


From: Cale Smith <cale () redactedsec net>
Date: Thu, 10 May 2018 16:51:28 -0600

Hello George,
Thanks for the feedback. I will look into http-fingerprints.


This exploit is a bit involved, as it leverages 4 vulnerabilities before
code is actually executed, which is why I was doing a simple version
check and felt confident in it, given the amount of testing I have done
against many Nagios appliances.

http://blog.redactedsec.net/exploits/2018/04/26/nagios.html

Thank you,
--Cale


On 5/7/18 1:41 AM, George Chatzisofroniou wrote:
> Hi Cale,
>
> On Thu, Apr 26, 2018 at 11:03 PM, Cale Smith <cale () redactedsec net> wrote:
>> Hello nmap developers!
>> This pull request includes a new detection script for vulnerable and
>> un-patched versions of the monitoring product NagiosXI.
>
> Personally, I would prefer our exploit scripts to look for RCE by
> actually trying to exploit the remote target instead of simply
> checking the version of the installed software.
>
> I believe your code currently fits better as a new entry in
> the http-fingerprints file.
>
> George

