Propose vulners.nse to official nmap repo. #1126
The proposed script is the latest stable release of vulnersCom/nmap-vulners github repo.
Ping?
That's https://github.com/vulnersCom/nmap-vulners this one NSE plugin
What's the query limit per IP?
I've looked into this before but at the time we had a working version of
vulscan which does the same thing with a local database so we didn't have to
deal with any privacy issues too.
However, the script works as expected so besides the expected additional
server load on the service which you obviously are OK with, it might be
worth adding it as an external option or even merging into vulscan.nse
On Fri, Jun 8, 2018 at 9:26 a.m., Vulners Team <
notifications@github.com> wrote:
… Ping?
At the moment it's about 1000rps. No one user even gets close)) Unfortunately no way to use local db, it's about 250gb in elastics and API works querying it on the fly. What do you mean by "external option"?
scripts/vulners.nse
||
author = 'gmedian AT vulners DOT com' | ||
license = "Same as Nmap--See https://nmap.org/book/man-legal.html" | ||
categories = {"vuln", "safe"} |
If I understand well, this script must also be categorized as "external".
Got it.
scripts/vulners.nse
Its work is pretty simple: | ||
- work only when some software version is identified for an open port | ||
- take all the known cpe for that software (from the standard nmap output) | ||
- ask whether some known vulns exist for that cpe |
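Review bot: the last bullet, "ask whether some known vulns exist for that cpe", does not say who is asked or what is sent. State in the description which service receives the query and that the detected CPE and version are transmitted to it, so that someone scanning internal hosts can judge the disclosure before enabling the script.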
You probably want to mention here that it connects to a remote service.
Definitely yes. Will refactor the description.
Slightly change the description to explicitly mention the usage of the remote service. Add the script to the "external" category.
@vulnersCom @cldrn @p-l-
Is it ok now?
Message for the devs: the https://vulners.com/products web site explicitly mentions nmap scripts and the API seems to be free and open (https://vulners.com/docs) and all links from the main site point to the @vulnersCom github account, so I think permission to use the API has been granted. Anything else holding this up? It looks like a really nice addition.
Hi fellows.
Gentle ping ^)
I use this script as a useful addition to the vuln category. It'd be nice for it to be in the main scripts.
Hi devs! Any movements here?
Bump.
We use this script quite extensively in a large media company and it would be really nice if it was in the official scripts directory.
We use this script extensively and have built pretty printing, persistence and visualisation (which we will eventually open source). Can we please get this merged into the nmap official scripts or is there something holding this back? Some users have a problem finding the scripts folder.
Bump
Not sure if nmap needs a separate NSE chief maintainer and others lower down the chain. Some of those scripts are old, and this is where I see the innovation emerging. WDYT? @vulnersCom This is what we've got ATM with your Lua script:
@vulnersCom I'm working on getting this done with a few adjustments, but I can't seem to get any results. Every query is coming back with the following response:
Is this expected? Is there a particular query (CPE, software name and version, etc.) that I could use to get a valid result for testing?
@dmiller-nmap https://vulners.com/api/v3/burp/software/?type=cpe&software=cpe:/a:mongodb:mongodb&version=2.2 There is always a 200 reply if the server side is OK, but it differs in the JSON "result" var.
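As an added example (not part of the thread and not the script's own code), a client can handle the behaviour described in the last comment by keying on the JSON "result" field rather than on the HTTP status. The value "OK" and the `data.search[]._source` layout are assumptions about the response format, and the sample bodies are constructed.

```python
import json
from urllib.parse import urlencode

# Endpoint and parameter names as quoted in the thread above.
API_URL = "https://vulners.com/api/v3/burp/software/"

def build_query_url(cpe, version):
    """Build the lookup URL; urlencode escapes ':' and '/' in the CPE."""
    params = {"type": "cpe", "software": cpe, "version": version}
    return API_URL + "?" + urlencode(params)

def interpret_response(http_status, body):
    """Return (state, findings); state is 'error', 'no_data' or 'ok'."""
    if http_status != 200:
        return "error", []
    try:
        doc = json.loads(body)
    except ValueError:
        return "error", []  # e.g. a proxy error page instead of JSON
    if not isinstance(doc, dict):
        return "error", []
    # Assumption: "OK" marks a hit; any other value means no usable data.
    if doc.get("result") != "OK":
        return "no_data", []
    # Assumption: hits live under data.search[]._source (id, cvss.score).
    data = doc.get("data")
    hits = data.get("search") if isinstance(data, dict) else None
    findings = []
    for hit in hits if isinstance(hits, list) else []:
        src = hit.get("_source") if isinstance(hit, dict) else None
        if not isinstance(src, dict) or "id" not in src:
            continue  # skip malformed entries instead of crashing
        cvss = src.get("cvss")
        score = cvss.get("score") if isinstance(cvss, dict) else None
        findings.append((src["id"], score if isinstance(score, (int, float)) else None))
    # Highest score first; entries without a numeric score sort last.
    findings.sort(key=lambda f: (f[1] is None, -(f[1] or 0)))
    return "ok", findings

# Constructed sample bodies (not captured from the real service).
SAMPLE_HIT = json.dumps({"result": "OK", "data": {"search": [
    {"_source": {"id": "EXAMPLE-0001", "cvss": {"score": 4.3}}},
    {"_source": {"id": "EXAMPLE-0002", "cvss": {"score": 7.5}}},
    {"_source": {"id": "EXAMPLE-0003"}}]}})
SAMPLE_MISS = json.dumps({"result": "warning", "data": {"warning": "constructed"}})

if __name__ == "__main__":
    print(build_query_url("cpe:/a:mongodb:mongodb", "2.2"))
    print(interpret_response(200, SAMPLE_HIT), interpret_response(200, SAMPLE_MISS))
```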