An advanced Nmap script designed to detect potential vulnerabilities in network services. This article delves into the technical specifics, requirements, and operational details of the script, providing a comprehensive guide for enhancing your network’s security.
Learn how to effectively use CVEScannerV2 to identify vulnerabilities across various services and versions.
Nmap script that provides information about probable vulnerabilities based on discovered services.
The current implementation take care of the following cases:
cpe
AND version
: vulnerabilities affecting version
and vulnerabilities affecting a range of versions that include version
.cpe
AND version range
: vulnerabilities affecting versions between version range
(included).cpe
but NO version
: vulnerabilities that affect every version of the product.cpe
and version
returned from Nmap, HTTP detection is used.cpe
: HTTP detection is used.extra/http-paths-vulnerscom.json
, comparing the request headers/body with the regexes in extra/http-regex-vulnerscom.json
.Nmap library shortport is used to detect if port matches HTTP/SSL.
In order to run cvescannerv2 script, you need the following files present in your working directory
cve.db
extra/http-paths-vulnerscom.json
extra/http-regex-vulnerscom.json
extra/product-aliases.json
In addition, you must have installed lua-sql-sqlite3
(ubuntu) or lua5.4-sql-sqlite3
(alpine) packages
If you don’t have the database cve.db
, you can build it using the script extra/database.py
or download a (semiupdated) copy from CVEScannerV2DB using .sql
files or under Actions->Latest->Summary->Artifacts
This repository is updated every two weeks
pip install -r extra/requirements.txt
python extra/database.py
git clone https://github.com/scmanjarrez/CVEScannerV2DB
cd CVEScannerV2DB && sh build.sh
To run the script, use the following syntax
nmap -sV --script cvescannerv2 <TARGET>
nmap -sV --script cvescannerv2 --script-args log=logfile.log,json=logfile.json <TARGET>
It is possible to modify the behaviour to some extent using the following arguments: db, maxcve, http, maxredirect, log, json, path, regex, aliases, service and version.
For more information click here.
Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…
The touch command is one of the quickest ways to create new empty files or update timestamps…
Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…
Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…
Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…