I have blacked out the website I scanned for obvious reasons.
ZENMAP VULNERABILITY SCRIPT COMMAND GENERATOR
| Check results: | WEAK DH GROUP 1 | Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | Modulus Type: Safe prime | Modulus Source: Unknown/Custom-generated | Modulus Length: 1024 | Generator Length: 8 | Public Key Length: 1024 | References: |_ |_sslv2-drown: Nmap done: 1 IP address (1 host up) scanned in 363.98 seconds | ssl-dh-params: | VULNERABLE: | Diffie-Hellman Key Exchange Insufficient Group Strength | State: VULNERABLE | Transport Layer Security (TLS) services that use Diffie-Hellman groups | of insufficient strength, especially those using one of a few commonly | shared groups, may be susceptible to passive eavesdropping attacks.
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities. | http-fileupload-exploiter: | | Couldn't find a file-type field. | | Disclosure date: | References: | |_ |_http-stored-xss: Couldn't find any stored XSS vulnerabilities. By doing so, it starves | the http server's resources causing Denial Of Service. It accomplishes this by opening connections to | the target web server and sending a partial request. |_http-passwd: ERROR: Script execution failed (use -d to debug) | http-slowloris-check: | VULNERABLE: | Slowloris DOS attack | State: LIKELY VULNERABLE | IDs: CVE:CVE-2007-6750 | Slowloris tries to keep many connections to the target web server open and hold | them open as long as possible. |_http-dombased-xss: Couldn't find any DOM based XSS. Not shown: 998 filtered ports PORT STATE SERVICE 80/tcp open http |_clamav-exec: ERROR: Script execution failed (use -d to debug) |_http-csrf: Couldn't find any CSRF vulnerabilities. Here is the output of the vuln script on a site I have been testing recently: C:\Users\ethan>nmap -script=vuln ⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛ Starting Nmap 7.80 ( ) at 13:50 GMT Summer Time Pre-scan script results: | broadcast-avahi-dos: | Discovered hosts: | ⬛⬛⬛.⬛⬛⬛.⬛⬛.⬛⬛⬛ | After NULL UDP avahi packet DoS (CVE-2011-1002).
Just turn them off for the duration of the scan. To use it, run nmap with the included option: -script=vulnĪntivirus, such as Norton, might stop nmap from running the scan (because it recreates exploits to find them, your antivirus might see that as you being attacked). Nmap does come with a vulnurability scanner pre-installed.
0 kommentar(er)
