exploit NSE Category

<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner
- Intro
- Ref Guide
- Install Guide
- Download
- Changelog
- Book
- Docs
Security Lists
- Nmap Hackers
- Nmap Dev
- Bugtraq
- Full Disclosure
- Pen Test
- Basics
- More
Security Tools
Site News
Advertising
About/Contact
Sponsors:

Intro	Reference Guide	Book	Install Guide
Download	Changelog	Zenmap GUI	Docs
Bug Reports	OS Detection	Propaganda	Related Projects
In the Movies		In the News

Scripts

afp-path-vuln	Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533.
ftp-proftpd-backdoor	Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous `id` command by default, but that can be changed with the `ftp-proftpd-backdoor.cmd` script argument.
ftp-vsftpd-backdoor	Tests for the presence of the vsFTPd 2.3.4 backdoor reported on 2011-07-04 (CVE-2011-2523). This script attempts to exploit the backdoor using the innocuous `id` command by default, but that can be changed with the `exploit.cmd` or `ftp-vsftpd-backdoor.cmd` script arguments.
http-awstatstotals-exec	Exploits a remote code execution vulnerability in Awstats Totals 1.0 up to 1.14 and possibly other products based on it (CVE: 2008-3922).
http-axis2-dir-traversal	Exploits a directory traversal vulnerability in Apache Axis2 version 1.4.1 by sending a specially crafted request to the parameter `xsd` (OSVDB-59001). By default it will try to retrieve the configuration file of the Axis2 service `'/conf/axis2.xml'` using the path `'/axis2/services/'` to return the username and password of the admin account.
http-barracuda-dir-traversal	Attempts to retrieve the configuration settings from a Barracuda Networks Spam & Virus Firewall device using the directory traversal vulnerability described at http://seclists.org/fulldisclosure/2010/Oct/119.
http-litespeed-sourcecode-download	Exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4.0.x before 4.0.15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a .txt file extension (CVE-2010-2333).
http-majordomo2-dir-traversal	Exploits a directory traversal vulnerability existing in Majordomo2 to retrieve remote files. (CVE-2011-0049).
http-vuln-cve2009-3960	Exploits cve-2009-3960 also known as Adobe XML External Entity Injection.
irc-unrealircd-backdoor	Checks if an IRC server is backdoored by running a time-based command (ping) and checking how long it takes to respond.
smb-check-vulns	Checks for vulnerabilities: MS08-067, a Windows RPC vulnerability Conficker, an infection by the Conficker worm Unnamed regsvc DoS, a denial-of-service vulnerability I accidentally found in Windows 2000 SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497) MS06-025, a Windows Ras RPC service vulnerability MS07-029, a Windows Dns Server RPC service vulnerability
smtp-vuln-cve2010-4344	Checks for and/or exploits a heap overflow within versions of Exim prior to version 4.69 (CVE-2010-4344) and a privilege escalation vulnerability in Exim 4.72 and prior (CVE-2010-4345).

Nmap Site Navigation

Intro	Reference Guide	Book	Install Guide
Download	Changelog	Zenmap GUI	Docs
Bug Reports	OS Detection	Propaganda	Related Projects
In the Movies		In the News

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]