Script netbus-auth-bypass

Script types: portrule
Categories: auth, safe, vuln
Download: https://svn.nmap.org/nmap/scripts/netbus-auth-bypass.nse

Script Summary

Checks if a NetBus server is vulnerable to an authentication bypass vulnerability which allows full access without knowing the password.

For example a server running on TCP port 12345 on localhost with this vulnerability is accessible to anyone. An attacker could simply form a connection to the server ( ncat -C 127.0.0.1 12345 ) and login to the service by typing Password;1; into the console.

See also:

Example Usage

nmap -p 12345 --script netbus-auth-bypass <target>

Script Output

12345/tcp open  netbus
|_netbus-auth-bypass: Vulnerable

Requires


Author:

  • Toni Ruottu

License: Same as Nmap--See https://nmap.org/book/man-legal.html