Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Nmap NSE 6.01: http-malware-host

Information

Severity

Severity

Critical

Family

Family

Nmap NSE

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Mitigation

Created

Created

11 years ago

Modified

Modified

4 years ago

Summary

Looks for signature of known server compromises. Currently, the only signature it looks for is the one discussed in the reference. This is done by requesting the page '/ts/in.cgi?open2' and looking for an errant 302 (it attempts to detect servers that always return 302). Thanks to Denis from the above link for finding this technique! SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll be pipelined (ie, sent in a single request). This can be set low to make debugging easier, or it can be set high to test how a server reacts (its chosen max is ignored). http-max-cache-size: The maximum memory size (in bytes) of the cache.