ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ

PATH: usr / share / nmap / scripts

local rpc = require "rpc"
local shortport = require "shortport"
local stdnse = require "stdnse"
local string = require "string"
local tab = require "tab"
local table = require "table"
local nmap = require "nmap"

description = [[
Retrieves disk space statistics and information from a remote NFS share.
The output is intended to resemble the output of <code>df</code>.

The script will provide pathconf information of the remote NFS if
the version used is NFSv3.
]]

---
-- @output
-- PORT    STATE SERVICE
-- | nfs-statfs:
-- |   Filesystem           1K-blocks  Used     Available  Use%  Blocksize
-- |   /mnt/nfs/files       5542276    2732012  2528728    52%   4096
-- |_  /mnt/nfs/opensource  5534416    620640   4632644    12%   4096
--
-- @args nfs-statfs.human If set to <code>1</code> or <code>true</code>,
--       shows file sizes in a human readable format with suffixes like
--       <code>KB</code> and <code>MB</code>.

-- Version 0.3

-- Created 01/25/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
-- Revised 02/22/2010 - v0.2 - adapted to support new RPC library
-- Revised 03/13/2010 - v0.3 - converted host to port rule
-- Revised 06/28/2010 - v0.4 - added NFSv3 support and doc

author = "Patrik Karlsson, Djalal Harouni"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"discovery", "safe"}
dependencies = {"rpc-grind"}

portrule = shortport.port_or_service(111, "rpcbind", {"tcp", "udp"} )

hostrule = function(host)
  local mountport, nfsport
  if host.registry.nfs then
    mountport = host.registry.nfs.mountport
    nfsport = host.registry.nfs.nfsport
  else
    host.registry.nfs = {}
  end
  for _,proto in ipairs({"tcp","udp"}) do
    local port = nmap.get_ports(host, nil, proto, "open")
    while port do
      if port.version then
        if port.service == "mountd" then
          mountport = port
        elseif port.service == "nfs" then
          nfsport = port
        end
      end
      if mountport and nfsport then break end
      port = nmap.get_ports(host, port, proto, "open")
    end
    if mountport and nfsport then break end
  end
  if nfsport == nil then return false end
  if host.registry.nfs.nfsver == nil then
    local low, high = string.match(nfsport.version.version, "(%d)-(%d)")
    if high == nil then
      high = tonumber(nfsport.version.version)
      if high == 4 then
        return false --Can't support version 4
      else
        host.registry.nfs.nfsver = high
      end
    else
      if high == "4" then
        host.registry.nfs.nfsver = 3
      else
        host.registry.nfs.nfsver = tonumber(low)
      end
    end
  end
  if mountport == nil then return false end
  if host.registry.nfs.mountver == nil then
    local low, high = string.match(mountport.version.version, "(%d)-(%d)")
    if high == nil then
      host.registry.nfs.mountver = tonumber(mountport.version.version)
    else
      host.registry.nfs.mountver = tonumber(high)
    end
  end
  host.registry.nfs.mountport = mountport
  host.registry.nfs.nfsport = nfsport
  return (mountport and nfsport)
end

local procedures = { }

local function table_fsstat(nfs, mount, stats)
  local fs, err = rpc.Util.calc_fsstat_table(stats, nfs.version, nfs.human)
  if fs == nil then
    return false, err
  end
  fs.filesystem = string.format("%s", mount)
  return true, fs
end

local function table_fsinfo(nfs, fsinfo)
  local ret = {}
  local fs, err = rpc.Util.calc_fsinfo_table(fsinfo, nfs.version, nfs.human)
  if fs == nil then
    return false, err
  end

ret.maxfilesize = fs.maxfilesize
  return true, ret
end

local function table_pathconf(nfs, pconf)
  local ret = {}
  local fs, err = rpc.Util.calc_pathconf_table(pconf, nfs.version)
  if fs == nil then
    return false, err
  end

ret.linkmax = fs.linkmax
  return true, ret
end

local function report(nfs, tables)
  local outtab, tab_size, tab_avail
  local tab_filesys, tab_used, tab_use,
        tab_bs, tab_maxfs, tab_linkmax = "Filesystem",
        "Used", "Use%", "Blocksize", "Maxfilesize", "Maxlink"

if nfs.human then
    tab_size = "Size"
    tab_avail = "Avail"
  else
    tab_size = "1K-blocks"
    tab_avail = "Available"
  end

if nfs.version == 2 then
    outtab = tab.new()
    tab.addrow(outtab, tab_filesys, tab_size, tab_used,
                       tab_avail, tab_use, tab_bs)
    for _, t in ipairs(tables) do
      tab.addrow(outtab, t.filesystem, t.size,
                         t.used, t.available, t.use, t.bsize)
    end
  elseif nfs.version == 3 then
    outtab = tab.new()
    tab.addrow(outtab, tab_filesys, tab_size, tab_used,
                       tab_avail, tab_use, tab_maxfs, tab_linkmax)
    for _, t in ipairs(tables) do
      tab.addrow(outtab, t.filesystem, t.size, t.used,
                        t.available, t.use, t.maxfilesize, t.linkmax)
    end
  end

return tab.dump(outtab)
end

local function nfs_filesystem_info(nfs, mount, filesystem)
  local results, res, status = {}, {}
  local nfsobj = rpc.NFS:new()
  local mnt_comm, nfs_comm, fhandle

mnt_comm, fhandle = procedures.MountPath(nfs.host, mount)
  if mnt_comm == nil then
    return false, fhandle
  end

local nfs_comm, status = procedures.NfsOpen(nfs.host)
  if nfs_comm == nil then
    rpc.Helper.UnmountPath(mnt_comm, mount)
    return false, status
  end

nfs.version = nfs_comm.version

-- use simple check since NFSv1 is not used anymore, and NFSv4 not supported
  if (nfs_comm.version <= 2  and mnt_comm.version > 2) then
    rpc.Helper.UnmountPath(mnt_comm, mount)
    return false, string.format("versions mismatch, nfs v%d - mount v%d",
                                nfs_comm.version, mnt_comm.version)
  end

if nfs_comm.version < 3 then
    status, res = nfsobj:StatFs(nfs_comm, fhandle)
  elseif nfs_comm.version == 3 then
    status, res = nfsobj:FsStat(nfs_comm, fhandle)
  end
  
  if status then 
    status, res = table_fsstat(nfs, mount, res)
    if status then
      for k, v in pairs(res) do
        results[k] = v
      end
    end

if nfs_comm.version == 3 then
      status, res = nfsobj:FsInfo(nfs_comm, fhandle)
      if status then
        status, res = table_fsinfo(nfs, res)
        if status then
          for k, v in pairs(res) do
            results[k] = v
          end
        end
      end

status, res = nfsobj:PathConf(nfs_comm, fhandle)
      if status then
        status, res = table_pathconf(nfs, res)
        if status then
          for k, v in pairs(res) do
            results[k] = v
          end
        end
      end

end
  end

rpc.Helper.NfsClose(nfs_comm)
  rpc.Helper.UnmountPath(mnt_comm, mount)
  if (not(status)) then
    return status, res
  end

table.insert(filesystem, results)
  return true, nil
end

mainaction = function(host)
  local fs_info, mounts, status = {}, {}, {}
  local nfs_info =
  {
    host    = host,
  }
  nfs_info.human = stdnse.get_script_args('nfs-statfs.human')

status, mounts = procedures.ShowMounts( host )
  if (not(status)) then
    return stdnse.format_output(false, mounts)
  end

for _, v in ipairs(mounts) do
    local err
    status, err = nfs_filesystem_info(nfs_info, v.name, fs_info)
    if (not(status)) then
      return stdnse.format_output(false,
                  string.format("%s: %s", v.name, err))
    end
  end
 
  return stdnse.format_output(true, report(nfs_info, fs_info))
end

hostaction = function(host)
  procedures = {
    ShowMounts = function(ahost)
      local mnt_comm, status, result, mounts
      local mnt = rpc.Mount:new()
      mnt_comm = rpc.Comm:new('mountd', host.registry.nfs.mountver)
      status, result = mnt_comm:Connect(ahost, host.registry.nfs.mountport)
      if ( not(status) ) then
        stdnse.print_debug(4, "ShowMounts: %s", result)
        return false, result
      end
      status, mounts = mnt:Export(mnt_comm)
      mnt_comm:Disconnect()
      if ( not(status) ) then
        stdnse.print_debug(4, "ShowMounts: %s", mounts)
      end
      return status, mounts
    end,

MountPath = function(ahost, path)
      local fhandle, status, err
      local mountd, mnt_comm
      local mnt = rpc.Mount:new()

mnt_comm = rpc.Comm:new("mountd", host.registry.nfs.mountver)

status, err = mnt_comm:Connect(host, host.registry.nfs.mountport)
      if not status then
        stdnse.print_debug(4, "MountPath: %s", err)
        return nil, err
      end

status, fhandle = mnt:Mount(mnt_comm, path)
      if not status then
        mnt_comm:Disconnect()
        stdnse.print_debug(4, "MountPath: %s", fhandle)
        return nil, fhandle
      end

return mnt_comm, fhandle
    end,

NfsOpen = function(ahost)
      local nfs_comm, status, err

nfs_comm = rpc.Comm:new('nfs', host.registry.nfs.nfsver)
      status, err = nfs_comm:Connect(host, host.registry.nfs.nfsport)
      if not status then
        stdnse.print_debug(4, "NfsOpen: %s", err)
        return nil, err
      end

return nfs_comm, nil
    end,
  }
  return mainaction(host)
end

portaction = function(host, port)
  procedures = {
    ShowMounts = function(ahost)
      return rpc.Helper.ShowMounts(ahost, port)
    end,
    MountPath = function(ahost, path)
      return rpc.Helper.MountPath(ahost, port, path)
    end,
    NfsOpen = function(ahost)
      return rpc.Helper.NfsOpen(ahost, port)
    end,
  }
  return mainaction(host)
end

local ActionsTable = {
  -- portrule: use rpcbind service
  portrule = portaction,
  -- hostrule: Talk to services directly
  hostrule = hostaction
}

action = function(...) return ActionsTable[SCRIPT_TYPE](...) end

[+] ..
[-] qscan.nse [edit]
[-] oracle-brute.nse [edit]
[-] smtp-vuln-cve2011-1764.nse [edit]
[-] broadcast-pc-duo.nse [edit]
[-] targets-ipv6-multicast-mld.nse [edit]
[-] http-backup-finder.nse [edit]
[-] http-sitemap-generator.nse [edit]
[-] cassandra-brute.nse [edit]
[-] snmp-win32-services.nse [edit]
[-] ftp-brute.nse [edit]
[-] irc-botnet-channels.nse [edit]
[-] rsync-brute.nse [edit]
[-] icap-info.nse [edit]
[-] citrix-brute-xml.nse [edit]
[-] iax2-version.nse [edit]
[-] nfs-ls.nse [edit]
[-] ndmp-fs-info.nse [edit]
[-] cvs-brute-repository.nse [edit]
[-] http-drupal-modules.nse [edit]
[-] mysql-databases.nse [edit]
[-] xmpp-info.nse [edit]
[-] pgsql-brute.nse [edit]
[-] ssl-google-cert-catalog.nse [edit]
[-] smtp-commands.nse [edit]
[-] rpcinfo.nse [edit]
[-] snmp-hh3c-logins.nse [edit]
[-] dns-zone-transfer.nse [edit]
[-] murmur-version.nse [edit]
[-] metasploit-xmlrpc-brute.nse [edit]
[-] http-brute.nse [edit]
[-] nessus-xmlrpc-brute.nse [edit]
[-] krb5-enum-users.nse [edit]
[-] vuze-dht-info.nse [edit]
[-] smb-ls.nse [edit]
[-] openlookup-info.nse [edit]
[-] hadoop-namenode-info.nse [edit]
[-] informix-tables.nse [edit]
[-] http-vuln-cve2010-0738.nse [edit]
[-] omp2-brute.nse [edit]
[-] http-headers.nse [edit]
[-] bitcoin-info.nse [edit]
[-] smb-psexec.nse [edit]
[-] eppc-enum-processes.nse [edit]
[-] afp-brute.nse [edit]
[-] iscsi-brute.nse [edit]
[-] http-enum.nse [edit]
[-] smb-enum-sessions.nse [edit]
[-] daytime.nse [edit]
[-] mongodb-info.nse [edit]
[-] omp2-enum-targets.nse [edit]
[-] p2p-conficker.nse [edit]
[-] teamspeak2-version.nse [edit]
[-] http-wordpress-brute.nse [edit]
[-] riak-http-info.nse [edit]
[-] http-joomla-brute.nse [edit]
[-] path-mtu.nse [edit]
[-] targets-traceroute.nse [edit]
[-] snmp-win32-users.nse [edit]
[-] http-unsafe-output-escaping.nse [edit]
[-] http-traceroute.nse [edit]
[-] ftp-anon.nse [edit]
[-] mysql-info.nse [edit]
[-] mtrace.nse [edit]
[-] openvas-otp-brute.nse [edit]
[-] lltd-discovery.nse [edit]
[-] ssl-enum-ciphers.nse [edit]
[-] dict-info.nse [edit]
[-] netbus-version.nse [edit]
[-] nfs-statfs.nse [edit]
[-] hostmap-bfk.nse [edit]
[-] dns-random-txid.nse [edit]
[-] http-affiliate-id.nse [edit]
[-] socks-brute.nse [edit]
[-] bitcoin-getaddr.nse [edit]
[-] acarsd-info.nse [edit]
[-] http-cakephp-version.nse [edit]
[-] oracle-enum-users.nse [edit]
[-] dns-brute.nse [edit]
[-] http-google-malware.nse [edit]
[-] hostmap-robtex.nse [edit]
[-] http-barracuda-dir-traversal.nse [edit]
[-] http-auth-finder.nse [edit]
[-] resolveall.nse [edit]
[-] informix-query.nse [edit]
[-] mysql-users.nse [edit]
[-] nrpe-enum.nse [edit]
[-] mysql-empty-password.nse [edit]
[-] broadcast-xdmcp-discover.nse [edit]
[-] ip-geolocation-geobytes.nse [edit]
[-] cups-info.nse [edit]
[-] tftp-enum.nse [edit]
[-] http-icloud-sendmsg.nse [edit]
[-] nbstat.nse [edit]
[-] ajp-headers.nse [edit]
[-] nexpose-brute.nse [edit]
[-] giop-info.nse [edit]
[-] sip-call-spoof.nse [edit]
[-] broadcast-tellstick-discover.nse [edit]
[-] dns-nsec3-enum.nse [edit]
[-] http-grep.nse [edit]
[-] http-drupal-enum-users.nse [edit]
[-] smb-enum-processes.nse [edit]
[-] maxdb-info.nse [edit]
[-] rtsp-url-brute.nse [edit]
[-] ganglia-info.nse [edit]
[-] ip-geolocation-maxmind.nse [edit]
[-] traceroute-geolocation.nse [edit]
[-] rpcap-info.nse [edit]
[-] http-waf-detect.nse [edit]
[-] ms-sql-dac.nse [edit]
[-] citrix-enum-servers.nse [edit]
[-] http-vmware-path-vuln.nse [edit]
[-] mongodb-brute.nse [edit]
[-] http-passwd.nse [edit]
[-] x11-access.nse [edit]
[-] http-generator.nse [edit]
[-] ms-sql-info.nse [edit]
[-] http-method-tamper.nse [edit]
[-] http-robtex-shared-ns.nse [edit]
[-] http-majordomo2-dir-traversal.nse [edit]
[-] ms-sql-empty-password.nse [edit]
[-] broadcast-netbios-master-browser.nse [edit]
[-] citrix-enum-servers-xml.nse [edit]
[-] broadcast-networker-discover.nse [edit]
[-] mrinfo.nse [edit]
[-] lexmark-config.nse [edit]
[-] http-frontpage-login.nse [edit]
[-] smtp-open-relay.nse [edit]
[-] http-git.nse [edit]
[-] targets-asn.nse [edit]
[-] http-favicon.nse [edit]
[-] backorifice-info.nse [edit]
[-] http-vuln-cve2011-3192.nse [edit]
[-] realvnc-auth-bypass.nse [edit]
[-] broadcast-wpad-discover.nse [edit]
[-] http-methods.nse [edit]
[-] smb-check-vulns.nse [edit]
[-] sshv1.nse [edit]
[-] broadcast-bjnp-discover.nse [edit]
[-] http-title.nse [edit]
[-] broadcast-novell-locate.nse [edit]
[-] smb-vuln-ms10-054.nse [edit]
[-] afp-showmount.nse [edit]
[-] broadcast-rip-discover.nse [edit]
[-] http-slowloris.nse [edit]
[-] nat-pmp-mapport.nse [edit]
[-] ftp-libopie.nse [edit]
[-] targets-ipv6-multicast-echo.nse [edit]
[-] nessus-brute.nse [edit]
[-] membase-brute.nse [edit]
[-] ip-geolocation-ipinfodb.nse [edit]
[-] smb-print-text.nse [edit]
[-] smtp-enum-users.nse [edit]
[-] ajp-brute.nse [edit]
[-] bitcoinrpc-info.nse [edit]
[-] auth-owners.nse [edit]
[-] targets-ipv6-multicast-invalid-dst.nse [edit]
[-] afp-path-vuln.nse [edit]
[-] oracle-brute-stealth.nse [edit]
[-] http-vlcstreamer-ls.nse [edit]
[-] auth-spoof.nse [edit]
[-] nping-brute.nse [edit]
[-] broadcast-dropbox-listener.nse [edit]
[-] afp-ls.nse [edit]
[-] broadcast-db2-discover.nse [edit]
[-] quake3-info.nse [edit]
[-] snmp-sysdescr.nse [edit]
[-] dhcp-discover.nse [edit]
[-] ms-sql-config.nse [edit]
[-] http-comments-displayer.nse [edit]
[-] smb-vuln-ms10-061.nse [edit]
[-] ipv6-node-info.nse [edit]
[-] http-awstatstotals-exec.nse [edit]
[-] ldap-rootdse.nse [edit]
[-] rtsp-methods.nse [edit]
[-] smb-enum-domains.nse [edit]
[-] sniffer-detect.nse [edit]
[-] hbase-master-info.nse [edit]
[-] modbus-discover.nse [edit]
[-] http-rfi-spider.nse [edit]
[-] msrpc-enum.nse [edit]
[-] mysql-query.nse [edit]
[-] ftp-vsftpd-backdoor.nse [edit]
[-] domcon-brute.nse [edit]
[-] citrix-enum-apps-xml.nse [edit]
[-] pjl-ready-message.nse [edit]
[-] sip-brute.nse [edit]
[-] http-vuln-cve2011-3368.nse [edit]
[-] firewalk.nse [edit]
[-] http-gitweb-projects-enum.nse [edit]
[-] http-open-redirect.nse [edit]
[-] ajp-methods.nse [edit]
[-] ip-forwarding.nse [edit]
[-] ncp-serverinfo.nse [edit]
[-] smb-enum-shares.nse [edit]
[-] ssh2-enum-algos.nse [edit]
[-] cvs-brute.nse [edit]
[-] nat-pmp-info.nse [edit]
[-] epmd-info.nse [edit]
[-] bjnp-discover.nse [edit]
[-] stuxnet-detect.nse [edit]
[-] ftp-vuln-cve2010-4221.nse [edit]
[-] http-litespeed-sourcecode-download.nse [edit]
[-] gpsd-info.nse [edit]
[-] snmp-ios-config.nse [edit]
[-] broadcast-igmp-discovery.nse [edit]
[-] http-robtex-reverse-ip.nse [edit]
[-] snmp-processes.nse [edit]
[-] broadcast-sybase-asa-discover.nse [edit]
[-] wsdd-discover.nse [edit]
[-] netbus-info.nse [edit]
[-] broadcast-ripng-discover.nse [edit]
[-] pop3-brute.nse [edit]
[-] backorifice-brute.nse [edit]
[-] domcon-cmd.nse [edit]
[-] citrix-enum-apps.nse [edit]
[-] dns-nsec-enum.nse [edit]
[-] rpcap-brute.nse [edit]
[-] ftp-bounce.nse [edit]
[-] stun-info.nse [edit]
[-] dns-update.nse [edit]
[-] broadcast-wake-on-lan.nse [edit]
[-] dns-cache-snoop.nse [edit]
[-] rsync-list-modules.nse [edit]
[-] snmp-netstat.nse [edit]
[-] url-snarf.nse [edit]
[-] snmp-interfaces.nse [edit]
[-] cassandra-info.nse [edit]
[-] http-huawei-hg5xx-vuln.nse [edit]
[-] memcached-info.nse [edit]
[-] http-proxy-brute.nse [edit]
[-] pptp-version.nse [edit]
[-] broadcast-pppoe-discover.nse [edit]
[-] dns-random-srcport.nse [edit]
[-] ip-geolocation-geoplugin.nse [edit]
[-] smb-security-mode.nse [edit]
[-] ms-sql-dump-hashes.nse [edit]
[-] ntp-monlist.nse [edit]
[-] http-wordpress-enum.nse [edit]
[-] ike-version.nse [edit]
[-] broadcast-eigrp-discovery.nse [edit]
[-] amqp-info.nse [edit]
[-] iax2-brute.nse [edit]
[-] mysql-variables.nse [edit]
[-] ajp-request.nse [edit]
[-] cccam-version.nse [edit]
[-] mysql-brute.nse [edit]
[-] http-malware-host.nse [edit]
[-] http-domino-enum-passwords.nse [edit]
[-] vnc-brute.nse [edit]
[-] duplicates.nse [edit]
[-] db2-das-info.nse [edit]
[-] broadcast-dhcp6-discover.nse [edit]
[-] pop3-capabilities.nse [edit]
[-] http-form-fuzzer.nse [edit]
[-] flume-master-info.nse [edit]
[-] ms-sql-tables.nse [edit]
[-] broadcast-wsdd-discover.nse [edit]
[-] jdwp-info.nse [edit]
[-] mcafee-epo-agent.nse [edit]
[-] smb-brute.nse [edit]
[-] irc-sasl-brute.nse [edit]
[-] http-php-version.nse [edit]
[-] ms-sql-brute.nse [edit]
[-] http-form-brute.nse [edit]
[-] http-cors.nse [edit]
[-] jdwp-version.nse [edit]
[-] smbv2-enabled.nse [edit]
[-] ssl-cert.nse [edit]
[-] dns-fuzz.nse [edit]
[-] mysql-enum.nse [edit]
[-] script.db [edit]
[-] rlogin-brute.nse [edit]
[-] ovs-agent-version.nse [edit]
[-] ntp-info.nse [edit]
[-] ajp-auth.nse [edit]
[-] targets-sniffer.nse [edit]
[-] quake3-master-getservers.nse [edit]
[-] http-date.nse [edit]
[-] cups-queue-info.nse [edit]
[-] rdp-vuln-ms12-020.nse [edit]
[-] http-tplink-dir-traversal.nse [edit]
[-] http-robots.txt.nse [edit]
[-] hadoop-tasktracker-info.nse [edit]
[-] eap-info.nse [edit]
[-] ms-sql-xp-cmdshell.nse [edit]
[-] broadcast-dns-service-discovery.nse [edit]
[-] sip-methods.nse [edit]
[-] broadcast-avahi-dos.nse [edit]
[-] hadoop-secondary-namenode-info.nse [edit]
[-] db2-discover.nse [edit]
[-] jdwp-inject.nse [edit]
[-] servicetags.nse [edit]
[-] netbus-brute.nse [edit]
[-] ms-sql-hasdbaccess.nse [edit]
[-] gopher-ls.nse [edit]
[-] asn-query.nse [edit]
[-] firewall-bypass.nse [edit]
[-] redis-brute.nse [edit]
[-] dpap-brute.nse [edit]
[-] imap-capabilities.nse [edit]
[-] smtp-vuln-cve2010-4344.nse [edit]
[-] tls-nextprotoneg.nse [edit]
[-] upnp-info.nse [edit]
[-] http-icloud-findmyiphone.nse [edit]
[-] ventrilo-info.nse [edit]
[-] hostmap-ip2hosts.nse [edit]
[-] wdb-version.nse [edit]
[-] http-qnap-nas-info.nse [edit]
[-] smb-enum-groups.nse [edit]
[-] address-info.nse [edit]
[-] smb-mbenum.nse [edit]
[-] dns-srv-enum.nse [edit]
[-] http-iis-webdav-vuln.nse [edit]
[-] broadcast-listener.nse [edit]
[-] http-default-accounts.nse [edit]
[-] mysql-audit.nse [edit]
[-] bittorrent-discovery.nse [edit]
[-] reverse-index.nse [edit]
[-] smb-os-discovery.nse [edit]
[-] smtp-strangeport.nse [edit]
[-] socks-open-proxy.nse [edit]
[-] http-vhosts.nse [edit]
[-] broadcast-upnp-info.nse [edit]
[-] afp-serverinfo.nse [edit]
[-] targets-ipv6-multicast-slaac.nse [edit]
[-] ldap-novell-getpass.nse [edit]
[-] nfs-showmount.nse [edit]
[-] http-vuln-cve2012-1823.nse [edit]
[-] stun-version.nse [edit]
[-] http-fileupload-exploiter.nse [edit]
[-] vnc-info.nse [edit]
[-] http-axis2-dir-traversal.nse [edit]
[-] ssh-hostkey.nse [edit]
[-] http-phpmyadmin-dir-traversal.nse [edit]
[-] hadoop-jobtracker-info.nse [edit]
[-] http-stored-xss.nse [edit]
[-] hbase-region-info.nse [edit]
[-] broadcast-ataoe-discover.nse [edit]
[-] dns-check-zone.nse [edit]
[-] rdp-enum-encryption.nse [edit]
[-] ms-sql-query.nse [edit]
[-] http-wordpress-plugins.nse [edit]
[-] irc-info.nse [edit]
[-] rmi-vuln-classloader.nse [edit]
[-] ssl-known-key.nse [edit]
[-] mysql-dump-hashes.nse [edit]
[-] rexec-brute.nse [edit]
[-] mmouse-exec.nse [edit]
[-] vmauthd-brute.nse [edit]
[-] dns-ip6-arpa-scan.nse [edit]
[-] smb-system-info.nse [edit]
[-] irc-brute.nse [edit]
[-] broadcast-versant-locate.nse [edit]
[-] xmpp-brute.nse [edit]
[-] ldap-search.nse [edit]
[-] http-put.nse [edit]
[-] banner.nse [edit]
[-] http-adobe-coldfusion-apsa1301.nse [edit]
[-] llmnr-resolve.nse [edit]
[-] domino-enum-users.nse [edit]
[-] broadcast-ms-sql-discover.nse [edit]
[-] telnet-brute.nse [edit]
[-] isns-info.nse [edit]
[-] http-userdir-enum.nse [edit]
[-] smb-enum-users.nse [edit]
[-] dns-nsid.nse [edit]
[-] ndmp-version.nse [edit]
[-] voldemort-info.nse [edit]
[-] sslv2.nse [edit]
[-] redis-info.nse [edit]
[-] drda-brute.nse [edit]
[-] smtp-vuln-cve2011-1720.nse [edit]
[-] skypev2-version.nse [edit]
[-] http-open-proxy.nse [edit]
[-] irc-unrealircd-backdoor.nse [edit]
[-] ssl-date.nse [edit]
[-] couchdb-databases.nse [edit]
[-] snmp-win32-software.nse [edit]
[-] whois.nse [edit]
[-] http-email-harvest.nse [edit]
[-] http-virustotal.nse [edit]
[-] broadcast-pim-discovery.nse [edit]
[-] distcc-cve2004-2687.nse [edit]
[-] http-exif-spider.nse [edit]
[-] couchdb-stats.nse [edit]
[-] rpc-grind.nse [edit]
[-] finger.nse [edit]
[-] metasploit-msgrpc-brute.nse [edit]
[-] http-waf-fingerprint.nse [edit]
[-] http-config-backup.nse [edit]
[-] http-vuln-cve2010-2861.nse [edit]
[-] ipv6-ra-flood.nse [edit]
[-] http-phpself-xss.nse [edit]
[-] http-sql-injection.nse [edit]
[-] telnet-encryption.nse [edit]
[-] jdwp-exec.nse [edit]
[-] hddtemp-info.nse [edit]
[-] metasploit-info.nse [edit]
[-] ipidseq.nse [edit]
[-] http-auth.nse [edit]
[-] ncp-enum-users.nse [edit]
[-] sip-enum-users.nse [edit]
[-] daap-get-library.nse [edit]
[-] socks-auth-info.nse [edit]
[-] broadcast-dhcp-discover.nse [edit]
[-] http-vuln-cve2009-3960.nse [edit]
[-] http-coldfusion-subzero.nse [edit]
[-] mongodb-databases.nse [edit]
[-] xdmcp-discover.nse [edit]
[-] http-chrono.nse [edit]
[-] netbus-auth-bypass.nse [edit]
[-] drda-info.nse [edit]
[-] membase-http-info.nse [edit]
[-] smb-flood.nse [edit]
[-] dns-zeustracker.nse [edit]
[-] http-apache-negotiation.nse [edit]
[-] iscsi-info.nse [edit]
[-] smb-server-stats.nse [edit]
[-] mysql-vuln-cve2012-2122.nse [edit]
[-] dns-service-discovery.nse [edit]
[-] creds-summary.nse [edit]
[-] oracle-sid-brute.nse [edit]
[-] dns-recursion.nse [edit]
[-] broadcast-pc-anywhere.nse [edit]
[-] http-slowloris-check.nse [edit]
[-] snmp-brute.nse [edit]
[-] ftp-proftpd-backdoor.nse [edit]
[-] imap-brute.nse [edit]
[-] gkrellm-info.nse [edit]
[-] versant-info.nse [edit]
[-] svn-brute.nse [edit]
[-] hadoop-datanode-info.nse [edit]
[-] informix-brute.nse [edit]
[-] mmouse-brute.nse [edit]
[-] samba-vuln-cve-2012-1182.nse [edit]
[-] broadcast-ping.nse [edit]
[-] unusual-port.nse [edit]
[-] smtp-brute.nse [edit]
[-] http-vuln-cve2013-0156.nse [edit]
[-] http-trace.nse [edit]
[-] rmi-dumpregistry.nse [edit]
[-] dns-blacklist.nse [edit]
[-] ldap-brute.nse [edit]
[-] pcanywhere-brute.nse [edit]
[-] dns-client-subnet-scan.nse [edit]
[-] snmp-win32-shares.nse [edit]