Nmap Development mailing list archives
Re: [NSE RFC] SMB Probe
From: Kris Katterjohn <katterjohn () gmail com>
Date: Sun, 07 Sep 2008 17:37:43 -0500
Ron wrote:
> Hey all,
Hi,
> I'm interested in comments on the style and such. I'm new to Lua, but I've been picking it up. There may be things about it I don't know, and I'm interested in learning. For example, I only just realized that 'local' is important, after debugging something nasty!
Just a little note, there's a Comm nselib designed for handling typical network exchanges. Upon first glance your TCP socket gets transferred around throughout the functions, so that won't work, but your UDP code from netbios_do_nbstat() could be replaced with it if you're interested. Also, your script can probably be used as a base for an SMB nselib as your functions seem to be separated fairly well already (like your name encode and decode functions, your functions to manipulate a header, etc). I think moving code to nselibs is best, if they provide enough stand-alone functionality to warrant it (which your code seems to). All of this is just after an initial inspection, so I could be off-base.
> The other bit I'm unsure about is the output. Right now, it builds the string as it goes along, but I might change it to build an array of strings instead. It's also a little chatty at the moment, although I think everything it displays is important. I might up the verbosity on some of it, though.
I think maybe combining lines (like "SMB Security") into one would be better, if they don't get incredibly long. I'm not sure if this is what you meant by "an array of strings". I like all of your output as well, but it's best to use the verbosity level to gauge how much to print rather than printing it all by default. Check some of the other scripts to see how their output is controlled by it.
> Anyways, this works well against all my test boxes, and I kept it pretty clean (using pack/unpack to build packets, for example). I plan to expand this far more in the future, this is just the basic stuff. I'd appreciate output, though, and I hope to get a version done soon that can be included.
I think adding more to this script (or nselib..), and using it to replace the other scripts (as you mentioned), is best. You seem to be already on your way with this, so it's just my two cents.
Just to show, it works well for me on my Linux box after turning on Samba:
Host script results:
| Probe SMB for information: (using port 139):
| SMB Security: User-level authentication
| SMB Security: Challenge/response passwords supported
| SMB Security: Message signing not supported
| System time from SMB: 2008-09-07 17:19:46 [UTC-5]
| Computer name from SMB: MSHOME\
| OS detection from SMB: Unix
| Null sessions enabled
|_ Guest account enabled
Thanks,
Kris Katterjohn