I’ve cleaned up the Nmap scripts page a bit to better reflect reality. Most of the scripts published on that page have been committed to the Nmap development release. I’m actively working on getting the remainder committed too. Once the scripts have been committed, they’re no longer maintained here. So, in order to try them out, I recommend installing the latest development release of Nmap. To do so, follow the steps outlined here.
I created a new Nmap script today that attempts to discover the Kerberos realm and the server time. It does this by sending an incorrect AS-REQ request to the server. The Microsoft implementation of Kerberos responds with an error packet containing the correct realm name. On systems with other implementations, the server time alone is returned. The script works against both TCP and UDP. It’s available for download at the dedicated nmap-scripts page over here.
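To show which fields of the error reply carry the realm and server time, here is an added Python example (not the NSE script or any code from this site) that decodes a KRB-ERROR as laid out in RFC 4120. The sample reply is constructed, its realm, timestamp and error code are made-up values, and the input is assumed to be the bare message with the 4-byte length prefix used over TCP already removed.

```python
from datetime import datetime, timezone

def tlv(tag, body):
    """DER-encode one element (used only to build the sample reply)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:  # long form: low 7 bits give the number of length bytes
        k = n & 0x7F
        n = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    if pos + n > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + n], pos + n

def parse_krb_error(msg):
    """Pull stime [4], error-code [6] and realm [9] out of a KRB-ERROR (RFC 4120)."""
    tag, body, _ = read_tlv(msg)
    if tag != 0x7E:  # [APPLICATION 30] = KRB-ERROR
        raise ValueError("not a KRB-ERROR message")
    _, seq, _ = read_tlv(body)
    fields, pos = {}, 0
    while pos < len(seq):
        ctx, wrapped, pos = read_tlv(seq, pos)
        fields[ctx - 0xA0] = read_tlv(wrapped)[1]  # strip the explicit [n] wrapper
    stime = datetime.strptime(fields[4].decode(), "%Y%m%d%H%M%SZ")
    return {"realm": fields.get(9, b"").decode() or None,  # None when no realm is disclosed
            "stime": stime.replace(tzinfo=timezone.utc),
            "error_code": int.from_bytes(fields[6], "big", signed=True)}

def sample_krb_error(realm):
    """Constructed KRB-ERROR; realm, timestamp and error code are made-up sample values."""
    ctx = lambda n, inner: tlv(0xA0 + n, inner)
    sname = tlv(0x30, ctx(0, tlv(0x02, b"\x02")) + ctx(1, tlv(0x30, tlv(0x1B, b"krbtgt"))))
    return tlv(0x7E, tlv(0x30,
        ctx(0, tlv(0x02, b"\x05")) + ctx(1, tlv(0x02, b"\x1e"))               # pvno 5, msg-type 30
        + ctx(4, tlv(0x18, b"20091225120000Z")) + ctx(5, tlv(0x02, b"\x00"))  # stime, susec
        + ctx(6, tlv(0x02, b"\x44"))                                          # error-code 68
        + ctx(9, tlv(0x1B, realm.encode())) + ctx(10, sname)))

if __name__ == "__main__":
    print(parse_krb_error(sample_krb_error("EXAMPLE.LOCAL")))
```

Comparing the decoded `stime` with the local clock also gives the clock skew, which matters because Kerberos authentication fails when clocks drift too far apart.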
Nmap 5.10-BETA2 was released by Fyodor as an X-mas present the other day. I was pleased to see that almost all of my scripts made it into this version. The remaining one, oracle-sid-brute, made it into SVN just a few minutes ago 🙂
For the full changelog of Nmap 5.10-BETA2, have a look here.