eBook - ePub

Mastering the Nmap Scripting Engine

Name: Mastering the Nmap Scripting Engine
Author: Paulino Calderon Pale

Paulino Calderon Pale

Share book

244 pages
English
ePUB (mobile friendly)
Available on iOS & Android

eBook - ePub

Mastering the Nmap Scripting Engine

Paulino Calderon Pale

Book details

Book preview

Table of contents

Citations

Frequently asked questions

How do I cancel my subscription?

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

Can/how do I download books?

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

What is the difference between the pricing plans?

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

What is Perlego?

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Do you support text-to-speech?

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Is Mastering the Nmap Scripting Engine an online PDF/ePUB?

Yes, you can access Mastering the Nmap Scripting Engine by Paulino Calderon Pale in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Packt Publishing

Year

2015

ISBN

9781782168317

Topic

Computer Science

Subtopic

Cyber Security

Index

Computer Science

Mastering the Nmap Scripting Engine

Credits

About the Author

Acknowledgments

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Errata

Piracy

Questions

1. Introduction to the Nmap Scripting Engine

Installing Nmap

Building Nmap from source code

Keeping Nmap up to date

Running NSE scripts

Script categories

NSE script selection

Selecting by script name or category

Selecting by filename or folder

Advanced script selection with expressions

NSE script arguments

Loading script arguments from a file

Forcing the execution of NSE scripts

Debugging NSE scripts

Scan phases and NSE

NSE script rules

Applications of NSE scripts

Information-gathering

Collecting UPNP information

Finding all hostnames resolving to the same IP address

Advanced host discovery

Discovering hosts with broadcast pings

Listening to your LAN to discover targets

Password auditing

Brute-forcing MySQL passwords

Brute-forcing SMTP passwords

Vulnerability scanning

Detecting insecure MySQL server configurations

Detecting web servers vulnerable to slow denial-of-service attacks

Detecting SSL servers vulnerable to CVE-2014-3566

Setting up a development environment

Halcyon IDE

Adding new scripts

Summary

2. Lua Fundamentals

Quick notes about Lua

Comments

Dummy assignments

Indexes

Semantics

Coercion

Safe language

Booleans

Flow control structures

Conditional statements – if-then, else, and elseif

Loops – while

Loops – repeat

Loops – for

Data types

String handling

Character classes

Magic characters

Patterns

Captures

Repetition operators

Concatenation

Finding substrings

String repetition

String length

Formatting strings

Splitting and joining strings

Common data structures

Tables

Arrays

Linked lists

Sets

Queues

Custom data structures

http-enum database

http-default-accounts

I/O operations

Modes

Opening a file

Reading a file

Writing a file

Closing a file

Coroutines

Creating a coroutine

Executing a coroutine

Determining the running coroutine

Getting the status of a coroutine

Yielding a coroutine

Metatables and metamethods

Arithmetic metamethods

Relational metamethods

Summary

3. NSE Data Files

Locating your data directory

Data directory search order

Username and password lists used in brute-force attacks

Username dictionaries

Password dictionaries

Web application auditing data files

http-fingerprints.lua

http-sql-errors.lst

http-web-files-extensions.lst

http-devframework-fingerprints.lua

http-folders.txt

vhosts-default.lst

wp-plugins.lst

DBMS-auditing data files

mysql-cis.audit

oracle-default-accounts.lst

oracle-sids

Java Debug Wire Protocol data files

JDWPExecCmd.java

JDWPSystemInfo.class

Other NSE data files

mygroupnames.db

rtsp-urls.txt

snmpcommunities.lst

ssl-ciphers

ssl-fingerprints

ike-fingerprints.lua

tftplist.txt

Other Nmap data files

Summary

4. Exploring the Nmap Scripting Engine API and Libraries

Understanding the structure of an NSE script

Other NSE script fields

Author

License

Dependencies

A sample NSE script

Exploring environment variables

Accessing the Nmap API

NSE arguments

Host table

Port table

Exception handling in NSE scripts

The NSE registry

Writing NSE libraries

Extending the functionality of an NSE library

NSE modules in C/C++

Exploring other popular NSE libraries

stdnse

openssl

target

shortport

creds

vulns

http

Summary

5. Enhancing Version Detection

Understanding version detection mode in NSE

Phases of version detection

Adjusting the rarity level of a version scan

Updating the version probes database

Taking a closer look at the file format

Excluding scanned ports from version detection

Using fallbacks to match other version probes

Getting to know post-processors

Nmap Scripting Engine

SSL

Writing your own version detection scripts

Defining the category of a version detection script

Defining the portrule of a version detection script

Updating the port version information

Setting the match confidence level

Examples of version detection scripts

NSE script – modbus-discover

NSE script – ventrilo-info

NSE script – rpc-grind

Summary

6. Developing Brute-force Password-auditing Scripts

Working with the brute NSE library

Selecting a brute mode

Implementing the Driver class

Passing library and user options

Returning valid accounts via Account objects

Handling execution errors gracefully with the Error class

Reading usernames and password lists with the unpwdb NSE library

Managing user credentials found during scans

Writing an NSE script to launch password-auditing attacks against the MikroTik RouterOS API

Summary

7. Formatting the Script Output

Output formats and Nmap Scripting Engine

XML structured output

Implementing structured output in your scripts

Printing verbosity messages

Including debugging information

The weakness of the grepable format

NSE script output in the HTML report

Summary

8. Working with Network Sockets and Binary Data

Work...

Frequently asked questions

Information

Mastering the Nmap Scripting Engine

Table of Contents

Table of contents