Mastering the Nmap Scripting Engine

Book Image

Mastering the Nmap Scripting Engine

By : Paulino Calderon

Book Image

Mastering the Nmap Scripting Engine

By: Paulino Calderon

Overview of this book

Mastering the Nmap Scripting Engine

Mastering the Nmap Scripting Engine

Credits

About the Author

About the Author

Acknowledgments

Acknowledgments

About the Reviewers

About the Reviewers

www.PacktPub.com

www.PacktPub.com

Preface

Free Chapter

Introduction to the Nmap Scripting Engine

Introduction to the Nmap Scripting Engine

Installing Nmap

Running NSE scripts

Script categories

Scan phases and NSE

Applications of NSE scripts

Setting up a development environment

Adding new scripts

Lua Fundamentals

Lua Fundamentals

Quick notes about Lua

Flow control structures

String handling

Common data structures

Metatables and metamethods

NSE Data Files

Locating your data directory

Data directory search order

Username and password lists used in brute-force attacks

Web application auditing data files

DBMS-auditing data files

Java Debug Wire Protocol data files

Other NSE data files

Other Nmap data files

Exploring the Nmap Scripting Engine API and Libraries

Exploring the Nmap Scripting Engine API and Libraries

Understanding the structure of an NSE script

Exploring environment variables

Accessing the Nmap API

The NSE registry

Writing NSE libraries

Exploring other popular NSE libraries

Enhancing Version Detection

Enhancing Version Detection

Understanding version detection mode in NSE

Writing your own version detection scripts

Examples of version detection scripts

Developing Brute-force Password-auditing Scripts

Developing Brute-force Password-auditing Scripts

Working with the brute NSE library

Reading usernames and password lists with the unpwdb NSE library

Managing user credentials found during scans

Writing an NSE script to launch password-auditing attacks against the MikroTik RouterOS API

Formatting the Script Output

Formatting the Script Output

Output formats and Nmap Scripting Engine

XML structured output

Printing verbosity messages

Including debugging information

The weakness of the grepable format

NSE script output in the HTML report

Working with Network Sockets and Binary Data

Working with Network Sockets and Binary Data

Working with NSE sockets

Understanding advanced network I/O

Manipulating raw packets

Raw packet handling and NSE sockets

Parallelism

Parallelism options in Nmap

Parallelism mechanisms in Lua

Parallelism mechanisms in NSE

Consuming TCP connections with NSE

Vulnerability Detection and Exploitation

Vulnerability Detection and Exploitation

Vulnerability scanning

Reporting vulnerabilities

Scan Phases

NSE Script Template

NSE Script Template

Other templates online

Script Categories

Script Categories

Nmap Options Mind Map

Nmap Options Mind Map

References

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

DBMS-auditing data files

Certain scripts related to DBMS use data files to store common, related strings and fingerprints to perform security audits. If you normally work with Oracle environments, I highly recommend updates to the following files.

mysql-cis.audit

The mysql-cis.audit file inside your Nmap data directory contains configuration checks described in the CIS MySQL v1.0.2 benchmark. It is used by the mysql-audit script to perform configuration checks by carrying out a series of tests. A test looks like this:

-- Logging
test { id="3.1", desc="Skip symbolic links", sql="SHOW variables WHERE Variable_name = 'log_error' AND Value IS NOT NULL", check=function(rowstab) 
  return { status = not(isEmpty(rowstab[1])) }
end
}

You may set the mysql-audit script argument to select an alternate database:

$nmap -sV --script mysql-audit --script-args mysql-audit.filename=/pentest/mysql.audit <target>

Tip

The official documentation for the mysql-audit script can be found at http://nmap.org/nsedoc...