指令類型:portrule
Nmap Script摘要
WebExService(WebExec)存在一個關鍵的遠程代碼執行漏洞。
另見:
smb-webexec-exploit.nse
Nmap Script參數
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername參見smbauth庫的文檔。
randomseed, smbbasic, smbport, smbsign參見smb庫的文檔。
vulns.short, vulns.showall參見vulns庫的文檔。
Nmap Script範例
nmap --script smb-vuln-webexec --script-args smbusername=<username>,smbpass=<password> -p445 <host>Nmap Script輸出
PORT STATE SERVICE REASON
445/tcp open microsoft-ds syn-ack
| smb-vuln-webexec:
| VULNERABLE:
| Remote Code Execution vulnerability in WebExService
| State: VULNERABLE
| IDs: CVE:CVE-2018-15442
| Risk factor: HIGH
| A critical remote code execution vulnerability exists in WebExService (WebExec).
| Disclosure date: 2018-10-24
| References:
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15442
| https://blog.skullsecurity.org/2018/technical-rundown-of-webexec
|_ https://webexec.orgNmap Script作者:
Ron Bowes
License: Same as Nmap--See https://nmap.org/book/man-legal.html
