[unisog] Vulnerability scanner for MS05-039
russel at yorku.ca
Wed Aug 17 14:25:40 GMT 2005
If you have any info on the w2k systems that are showing inconclusive with
noxscan but are vulnerable according to metasploit that would be useful -
is the code just ? If so I'm thinking it may be timeout issues
(old, slow/busy machines or network glitches?), increasing the receive
timeout may catch them. I run with -r 1800 which is more than
double the default... maybe I should change the default!
Manager CNS Information Security
York University, Toronto, Canada
On Wed, 17 Aug 2005, Russell Fulton wrote:
> I'll add my thanks to Syl's! Great work Chris.
> I have also been busy and hacked a version metasploit's mscli to take a file of IPs this makes it somewhat faster than running the mscli from a script because you are not starting perl and loading metasploit for each machine. The original version spawned processes to run the tests in parallel but I am not sure if this is reliable -- more testing needed.
> I have been using noxscan since yesterday morning and getting large numbers of INCONCLUSIVEs.
> I turns out that 2003 and XP turn up as INCONCLUSIVE (quite rightly since one can't test the vulnerability without logging in) but there were also some w2k boxes too so I used my script to recheck these machines and came up with about 80 more (to add to the 600 we found on the first scan). I hasten to add that the number is much lower this morning ;)
> I'll do a bit more work on my metasploit bulk script this morning and then post it to the list.
More information about the unisog