Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Scripts

afp-path-vuln

Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533.

ftp-libopie

Checks if an FTPd is prone to CVE-2010-1938 (OPIE off-by-one stack overflow), a vulnerability discovered by Maksymilian Arciemowicz and Adam "pi3" Zabrocki. See the advisory at http://nmap.org/r/fbsd-sa-opie. Be advised that, if launched against a vulnerable host, this script will crash the FTPd.

http-enum

Enumerates directories used by popular web applications and servers.

http-iis-webdav-vuln

Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access secured WebDAV folders by searching for a password-protected folder and attempting to access it. This vulnerability was patched in Microsoft Security Bulletin MS09-020, http://nmap.org/r/ms09-020.

http-passwd

Checks if a web server is vulnerable to directory traversal by attempting to retrieve /etc/passwd or \boot.ini using various traversal methods such as requesting ../../../../etc/passwd.

http-vmware-path-vuln

Checks for a path-traversal vulnerability in VMWare ESX, ESXi, and Server (CVE-2009-3733).

irc-unrealircd-backdoor

Checks if an IRC server is backdoored by running a time-based command (ping) and checking how long it takes to respond.

realvnc-auth-bypass

Checks if a VNC server is vulnerable to the RealVNC authentication bypass (CVE-2006-2369).

smb-check-vulns

Checks for vulnerabilities:

  • MS08-067, a Windows RPC vulnerability
  • Conficker, an infection by the Conficker worm
  • Unnamed regsvc DoS, a denial-of-service vulnerability I accidentally found in Windows 2000
  • SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)
  • MS06-025, a Windows Ras RPC service vulnerability
  • MS07-029, a Windows Dns Server RPC service vulnerability

sql-injection

Spiders an HTTP server looking for URLs containing queries vulnerable to an SQL injection attack.

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]