發表文章

目前顯示的是 12月, 2016的文章

afp-serverinfo.nse說明

圖片
查詢伺服器 一些訊息 指令:  nmap --script afp-serverinfo.nse 192.168.8.251 官方說明: https://nmap.org/nsedoc/scripts/afp-serverinfo.html 內容: local afp = require "afp" local nmap = require "nmap" local shortport = require "shortport" local stdnse = require "stdnse" local table = require "table" description = [[ Shows AFP server information. This information includes the server's hostname, IPv4 and IPv6 addresses, and hardware type (for example <code>Macmini</code> or <code>MacBookPro</code>). ]] --- -- @output -- PORT    STATE SERVICE -- 548/tcp open  afp -- | afp-serverinfo: -- |   Server Flags: -- |     Flags hex: 0x837d -- |     Super Client: true -- |     UUIDs: false -- |     UTF8 Server Name: true -- |     Open Directory: true -- |     Reconnect: false -- |     Server Notifications: true -- |     TCP/IP: true -- |     Server Signature: true -- |     Server Messages: true -- |     P

afp-path-vuln.nse 腳本說明

Detects the Mac OS X AFP directory traversal vulnerability 判斷 MacOS 那台  是否可以被暴力攻擊破解目錄 官方說明: https://nmap.org/nsedoc/scripts/afp-path-vuln.html 参考: https://www.cqure.net/wp/2010/03/detecting-apple-mac-os-x-afp-vulnerability-cve-2010-0533-with-nmap/ 內容: local afp = require "afp" local nmap = require "nmap" local shortport = require "shortport" local stdnse = require "stdnse" local table = require "table" local vulns = require "vulns" description = [[ Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533. This script attempts to iterate over all AFP shares on the remote host. For each share it attempts to access the parent directory by exploiting the directory traversal vulnerability as described in CVE-2010-0533. The script reports whether the system is vulnerable or not. In addition it lists the contents of the parent and child directories to a max depth of 2. When running in verbo