File http-frontpage-login
Script types:
portrule
Categories:
vuln, safe
Download: http://nmap.org/svn/scripts/http-frontpage-login.nse
User Summary
Checks whether target machines are vulnerable to anonymous Frontpage login.
Older, default configurations of Frontpage extensions allow remote user to login anonymously which may lead to server compromise.
Script Arguments
http-frontpage-login.path
Path prefix to Frontpage directories. Defaults to root ("/").
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent
See the documentation for the http library.vulns.showall
See the documentation for the vulns library.Example Usage
nmap <target> -p 80 --script=http-frontpage-login
Script Output
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-frontpage-login: | VULNERABLE: | Frontpage extension anonymous login | State: VULNERABLE | Description: | Default installations of older versions of frontpage extensions allow anonymous logins which can lead to server compromise. | | References: |_ http://insecure.org/sploits/Microsoft.frontpage.insecurities.html
Requires
Author: Aleksandar Nikolic
License: Same as Nmap--See http://nmap.org/book/man-legal.html