Scripts
| afp-path-vuln |
Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533. |
| ftp-libopie |
Checks if an FTPd is prone to CVE-2010-1938 (OPIE off-by-one stack overflow), a vulnerability discovered by Maksymilian Arciemowicz and Adam "pi3" Zabrocki. See the advisory at http://nmap.org/r/fbsd-sa-opie. Be advised that, if launched against a vulnerable host, this script will crash the FTPd. |
| http-enum |
Enumerates directories used by popular web applications and servers. |
| http-iis-webdav-vuln |
Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access secured WebDAV folders by searching for a password-protected folder and attempting to access it. This vulnerability was patched in Microsoft Security Bulletin MS09-020, http://nmap.org/r/ms09-020. |
| http-passwd |
Checks if a web server is vulnerable to directory traversal by attempting to
retrieve |
| http-vmware-path-vuln |
Checks for a path-traversal vulnerability in VMWare ESX, ESXi, and Server (CVE-2009-3733). |
| irc-unrealircd-backdoor |
Checks if an IRC server is backdoored by running a time-based command (ping) and checking how long it takes to respond. |
| realvnc-auth-bypass |
Checks if a VNC server is vulnerable to the RealVNC authentication bypass (CVE-2006-2369). |
| smb-check-vulns |
Checks for vulnerabilities:
|
| sql-injection |
Spiders an HTTP server looking for URLs containing queries vulnerable to an SQL injection attack. |