Nmap Development mailing list archives
Re: PR: 1202 new nmap detect script - NagiosXI
From: Cale Smith <cale () redactedsec net>
Date: Thu, 10 May 2018 16:51:28 -0600
Hello George, Thanks for the feedback. I will look into http-fingerprints. This exploit is a bit involved as it leverages 4 vulnerabilities before code is actually executed. Which is why I was doing a simple version check and felt confident in given the amount of testing I have done against many Nagios appliances. http://blog.redactedsec.net/exploits/2018/04/26/nagios.html Thank you, --Cale On 5/7/18 1:41 AM, George Chatzisofroniou wrote:
Hi Cale, On Thu, Apr 26, 2018 at 11:03 PM, Cale Smith <cale () redactedsec net> wrote:Hello nmap developers! This pull request includes a new detection scripts for vulnerable and un-patched versions of the monitoring product NagiosXI.Personally, I would prefer our exploit scripts to look for RCE by actually trying to exploit the remote target instead of simply checking the version of the installed software. I believe your code currently fits better as a new entry in http-fingerprints file. George
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- PR: 1202 new nmap detect script - NagiosXI Cale Smith (May 03)
- Re: PR: 1202 new nmap detect script - NagiosXI Cale Smith (May 03)
- Re: PR: 1202 new nmap detect script - NagiosXI George Chatzisofroniou (May 07)
- Re: PR: 1202 new nmap detect script - NagiosXI Cale Smith (May 16)