HOME>>>>>>>>>

File domino-enum-users

脚本使用类型: portrule
脚本所属分类: intrusive, auth
脚本下载地址: http://nmap.org/svn/scripts/domino-enum-users.nse

User Summary

Attempts to discover valid IBM Lotus Domino users and download their ID files by exploiting the CVE-2006-5835 vulnerability.

Script Arguments

domino-id.path

the location to which any retrieved ID files are stored

domino-id.username

the name of the user from which to retrieve the ID. If this parameter is not specified, the unpwdb library will be used to brute force names of users.

For more information see: http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21248026

Credits ------- o Ollie Whitehouse for bringing this to my attention back in the days when it was first discovered and for the c-code on which this is based.

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

Example Usage

执行格式

nmap --script domino-enum-users -p 1352 <host>

Script Output

PORT     STATE SERVICE REASON
1352/tcp open  lotusnotes
| domino-enum-users:
|   User "Patrik Karlsson" found, but not ID file could be downloaded
|   Succesfully stored "FFlintstone" in /tmp/FFlintstone.id
|_  Succesfully stored "MJacksson" in /tmp/MJacksson.id

Requires


Author: Patrik Karlsson

License: VER007 整理 http://www.ver007.com