Be sure to get it at http://nmap.org/6 !
Nmap 5.50 is out; make sure to check it out. It contains a lot of new NSE stuff, including support for broadcast, pre- and post-rules and most of the scripts that I, and many others, have created during the last year. For more information, check out the official post http://seclists.org/nmap-hackers/2011/0
My employer (Inspect it) is hiring in Stockholm (Sweden). Inspect it is looking for people that currently work with IT- and information-security or have a strong desire to do so. Applicants should have experience within one or more of the following areas:
– Penetration- and Application-security testing
– Application & System security reviews
– Incident response and IT-forensics
– Security training
If you're interested or have any questions, contact me directly or send an e-mail to jobs[at]inspectit[dot]se
I received a bug report for my Nmap nfs-showmount script a few days ago. I ended up re-writing the whole thing as it was my first script, which is short for “ugly as hell”. I moved all NFS and RPC stuff into a new library called rpc.lua and added some more functionality as well.
I’ve also added two more scripts that make use of the library: nfs-get-stats and nfs-get-dirlist. The first retrieves disk usage for each export and the second lists files on a share. They’re both available from the nmap-scripts page as usual.
If anyone missed this, the Nmap project released their 5.20 version yesterday! Make sure to check it out at http://nmap.org/download.html.
I found a bug in the Nmap SNMP scripts that would trigger an endless loop if the MIB that they attempt to walk does not exist. This would occur if they’re run against anything other than Windows. I’ve now addressed this and released a 0.2 version of them. They’re available from the nmap-scripts page.
I’ve updated the nmap-scripts page with two scripts for MySQL. The first simply checks whether the root user has a blank password set. The second script performs online password guessing against MySQL.
Just posted some code (libraries and scripts) that allows Nmap to do LDAP queries. It’s available from the nmap-scripts page. The code consists of two libraries, asn1 and ldap, that do most of the work. The LDAP library supports the SearchRequest, BindRequest and UnbindRequest operations and therefore supports both unauthenticated and authenticated searches.
The functionality is still somewhat limited and the library has the following shortcomings in my opinion:
- At the moment it only supports simple bind
- It lacks filter parsing support. That said, it supports filters, but they need to be supplied using tables rather than their textual representation as described in RFC 2254.
- SSL is currently not supported mainly because I didn’t have an SSL enabled LDAP server running.
- Some attributes returned by AD fail parsing and return a blob of hex characters.
- There’s an annoying GUI indentation bug that needs tending to.
Despite these shortcomings, I’m releasing a first version of the library and scripts. The scripts have undergone limited testing against both OpenLDAP and Active Directory.
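
The filter-parsing gap listed above is the step from an RFC 2254 filter string to a nested table. The following Python sketch is an added example, not code from the ldap library or its scripts; the dict keys (`op`, `attr`, `val`, `initial`, `any`, `final`) are assumptions chosen for illustration and are not the table layout the library expects.

```python
import re

# One RFC 2254 "item": attribute, operator, value, closing parenthesis.
_ITEM = re.compile(r"([A-Za-z0-9;.\-]+)(~=|>=|<=|=)([^()]*)\)")
_ITEM_OPS = {"=": "eq", "~=": "approx", ">=": "ge", "<=": "le"}
_SET_OPS = {"&": "and", "|": "or", "!": "not"}

def _unescape(value):
    # Special characters are escaped as a backslash plus two hex digits,
    # e.g. \2a for "*" and \28 for "(".
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def _parse(text, pos):
    """Parse one parenthesised filter at text[pos]; return (node, next_pos)."""
    if text[pos:pos + 1] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    op = _SET_OPS.get(text[pos:pos + 1])
    if op:  # and / or / not: recurse into each child filter
        pos += 1
        children = []
        while text[pos:pos + 1] == "(":
            child, pos = _parse(text, pos)
            children.append(child)
        if not children or (op == "not" and len(children) != 1):
            raise ValueError("wrong number of operands for '%s'" % op)
        if text[pos:pos + 1] != ")":
            raise ValueError("expected ')' at offset %d" % pos)
        return {"op": op, "val": children}, pos + 1
    m = _ITEM.match(text, pos)
    if not m:
        raise ValueError("malformed filter item at offset %d" % pos)
    attr, sym, raw = m.groups()
    if sym == "=" and raw == "*":  # presence test
        node = {"op": "present", "attr": attr}
    elif sym == "=" and "*" in raw:  # an unescaped "*" marks a substring match
        parts = [_unescape(p) for p in raw.split("*")]
        node = {"op": "substrings", "attr": attr, "initial": parts[0],
                "any": [p for p in parts[1:-1] if p], "final": parts[-1]}
    else:
        node = {"op": _ITEM_OPS[sym], "attr": attr, "val": _unescape(raw)}
    return node, m.end()

def parse_filter(text):
    """Turn an RFC 2254 filter string into a nested dict (table-like) tree."""
    text = text.strip()
    node, pos = _parse(text, 0)
    if pos != len(text):
        raise ValueError("trailing data after filter")
    return node

# Constructed sample input, not taken from the scripts.
SAMPLE = r"(&(objectClass=user)(|(cn=adm*)(!(mail=*)))(description=a\2ab))"
```

Escaped values are decoded to characters here; an encoder that puts the filter on the wire would treat them as raw bytes.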
I made some small changes to the kerberos-get-realm script and have uploaded a version 0.2 of it. It’s available from the nmap-scripts page.