http-vuln-cve2010-0738
脚本使用类型:
portrule
脚本所属分类:
safe, auth, vuln
脚本下载地址: http://nmap.org/svn/scripts/http-vuln-cve2010-0738.nse
Tests whether a JBoss target is vulnerable to jmx console authentication bypass (CVE-2010-0738).
It works by checking if the target paths require authentication or redirect to a login page that could be bypassed via a HEAD request. RFC 2616 specifies that the HEAD request should be treated exactly like GET but with no returned response body. The script also detects if the URL does not require authentication at all.
For more information, see:
Array of paths to check. Defaults
to {"/jmx-console/"}
.
执行格式
nmap --script=http-vuln-cve2010-0738 --script-args 'http-vuln-cve2010-0738.paths={/path1/,/path2/}' <target>
PORT STATE SERVICE 80/tcp open http | http-vuln-cve2010-0738: |_ /jmx-console/: Authentication bypass.
Author: Hani Benhabiles
License: VER007 整理 http://www.ver007.com