Script wdb-version

Script types: portrule
Categories: default, safe, version, discovery, vuln

Script Summary

Detects vulnerabilities and gathers information (such as version numbers and hardware support) from VxWorks Wind DeBug agents.

Wind DeBug is a SunRPC-type service that is enabled by default on many devices that use the popular VxWorks real-time embedded operating system. H.D. Moore of Metasploit has identified several security vulnerabilities and design flaws with the service, including weakly-hashed passwords and raw memory dumping.

See also:

Script Arguments

mount.version, nfs.version, rpc.protocol

See the documentation for the rpc library.

Example Usage

nmap -sU -p 17185 --script wdb-version <target>

Script Output

17185/udp open  wdb  Wind DeBug Agent 2.0
| wdb-version:
|   VULNERABLE: Wind River Systems VxWorks debug service enabled. See
|   Agent version: 2.0
|   VxWorks version: VxWorks5.4.2
|   Board Support Package: PCD ARM940T REV 1
|   Boot line: host:vxWorks.z



  • Daniel Miller

License: Same as Nmap--See