Nmap is without doubt one of the most important tools in security testing. Initially developed as a port scanner, it was greatly enhanced by the introduction of NSE (Nmap Scripting Language). NSE scripts make it possible to create additional tests, which can provide the functionality of a vulnerability scanner. Basic data collected by Nmap, together with additional network requests, can be used to identify software products and security flaws.
The talk discusses the possibilities of NSE scripting, the improvement of professional scanning (with a customer-based example) and current developments in the field of NSE programming (my httprecon-nse port and vulscan module). Administrators and auditors will see the benefits of automated testing.
1. Nmap NSE Hacking for IT Security Professionals | Marc Ruef | www.scip.ch | Security & Risk Conference, November 3rd - 6th 2010, Lucerne, Switzerland
2. Agenda | Nmap NSE Hacking | Sections: 1. Intro, 2. Scripts, 3. Output, 4. Outro | Items: Introduction (2 min), Nmap Scripting Engine (3 min), Simple Portscan Scripts (5 min), Version Info Script (5 min), Exploit Script (10 min), Professional Output Handling (10 min), Database Processing (7 min), Reporting Possibilities (5 min), Conclusion (3 min)
3. Introduction 1/3: Who am I | Name: Marc Ruef | Profession: Co-Owner / CTO, scip AG, Zürich | Private Site: http://www.computec.ch | Last Book: „The Art of Penetration Testing“, Computer & Literatur Böblingen, ISBN 3-936546-49-5 | Translation
8. Nmap Scripting Engine 3/3: What NSE Produces | Screenshot labels: enable generic script scan; script name; script output
10. Simple Portscan Script 2/5: How it Looks | Screenshot labels: define one script to run; script generates output
38. Reporting 1/5: Database Example
tbl_findings.finding_id | tbl_host.host_ipaddr | tbl_secissues.secissue_title
1 | 192.168.0.10 | Web Server 2.x Found
2 | 192.168.0.10 | Web Server 2.3 Directory Traversal
3 | 192.168.0.11 | Web Server 2.x Found
4 | 192.168.0.12 | FTP Server 4.2 Found
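
The database layout on slide 38, as an added example that is not code from the talk: Python that loads Nmap XML output into the three tables named on the slide and joins them back into the report rows. The `host_id`, `secissue_id` and `port` columns, the script id `example-finding` and the sample XML are assumptions constructed for illustration.

```python
import sqlite3
import xml.etree.ElementTree as ET
# Constructed Nmap XML (-oX style); script id and outputs are made up, as are the *_id and port columns.
SAMPLE_XML = """<nmaprun>
<host><address addr="192.168.0.10" addrtype="ipv4"/><ports><port protocol="tcp" portid="80">
  <script id="example-finding" output="Web Server 2.x Found"/>
  <script id="example-finding" output="Web Server 2.3 Directory Traversal"/></port></ports></host>
<host><address addr="192.168.0.11" addrtype="ipv4"/><ports><port protocol="tcp" portid="80">
  <script id="example-finding" output="Web Server 2.x Found"/></port></ports></host>
<host><address addr="192.168.0.12" addrtype="ipv4"/><ports><port protocol="tcp" portid="21">
  <script id="example-finding" output="FTP Server 4.2 Found"/></port></ports></host>
</nmaprun>"""

SCHEMA = """
CREATE TABLE tbl_host (host_id INTEGER PRIMARY KEY, host_ipaddr TEXT UNIQUE);
CREATE TABLE tbl_secissues (secissue_id INTEGER PRIMARY KEY, secissue_title TEXT UNIQUE);
CREATE TABLE tbl_findings (finding_id INTEGER PRIMARY KEY, host_id INTEGER REFERENCES tbl_host,
    secissue_id INTEGER REFERENCES tbl_secissues, port TEXT, UNIQUE (host_id, secissue_id, port));
"""

def lookup_id(db, table, key, col, value):
    """Insert value if it is new and return its row id (table/column names are fixed literals)."""
    db.execute(f"INSERT OR IGNORE INTO {table} ({col}) VALUES (?)", (value,))
    return db.execute(f"SELECT {key} FROM {table} WHERE {col} = ?", (value,)).fetchone()[0]

def load_scan(db, xml_text):
    """Store every script result on every port as one finding; re-imports add no duplicates."""
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']").get("addr")
        host_id = lookup_id(db, "tbl_host", "host_id", "host_ipaddr", addr)
        for port in host.iter("port"):
            portname = f"{port.get('portid')}/{port.get('protocol')}"
            for script in port.iter("script"):
                issue = lookup_id(db, "tbl_secissues", "secissue_id", "secissue_title", script.get("output"))
                db.execute("INSERT OR IGNORE INTO tbl_findings (host_id, secissue_id, port) "
                           "VALUES (?, ?, ?)", (host_id, issue, portname))

def report(db):
    """Join the normalized tables back into the flat view shown on the slide."""
    return db.execute("""SELECT f.finding_id, h.host_ipaddr, s.secissue_title
        FROM tbl_findings f JOIN tbl_host h USING (host_id)
        JOIN tbl_secissues s USING (secissue_id) ORDER BY f.finding_id""").fetchall()

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    load_scan(db, SAMPLE_XML)
    load_scan(db, SAMPLE_XML)  # importing the same scan twice must not duplicate findings
    return report(db)
```

Because each issue title is stored once in `tbl_secissues`, the "Web Server 2.x Found" entry is shared by findings 1 and 3, which keeps per-issue counts and remediation text consistent across hosts.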