Nmap Development mailing list archives

[NSE] MSRPC Libraries (stable, I hope!)


From: Ron <ron () skullsecurity net>
Date: Tue, 28 Oct 2008 10:19:13 -0500

Hi everybody,

I've tried hard to stabilize my SMB + MSRPC code, and it seems to be working smoothly. I'm hoping to get Brandon (and anybody else) to test it one last time this week or early next week, then I can call it a version.

There are only two bugs right now that I know of:
* Doesn't necessarily work against certain configurations of Samba, although it no longer locks up when it tries scanning them. I'm hoping to fix this in the next release, but that's going to require some major changes that'll probably take a couple weeks. For now, I print off a warning (in -d) and try anyways (Brandon says he has a lot of Samba in his environment, and it only errored on 5 of them, so maybe it isn't so bad).
* Doesn't scan systems that require message signatures. Will report back "access denied" -- again, this should be fixed in my next release, but it's going to take a bit of re-writing to incorporate signatures. This is a rare situation.

All in all, it seems to be working against all the systems I test. It takes the following parameters, among others (see the top of any of the files for more):
smbuser/smbusername
smbdomain (if you're in a domain environment)
smbpass/smbpassword

So an example run might be:
nmap --script=smb-enumdomains,smb-enumsessions,smb-enumshares,smb-enumusers,smb-os-discovery,smb-security-mode,smb-serverstats,smb-systeminfo --script-args=smb-user=ron,smb-password=iagotest2k3 <host>

I'm hoping to get as much feedback or bug reports as I can this week!

To get the latest copy, check out my nmap-exp branch:
svn co --username guest --password "" svn://svn.insecure.org/nmap-exp/ron/nmap-smb

Thanks!

Ron

