Nmap Development mailing list archives
Re: [NSELIB/NSE] Updates SMB/MSRPC scripts
From: Ron <ron () skullsecurity net>
Date: Sat, 04 Oct 2008 14:04:24 -0500
Hi David,

David Fifield wrote:
> On Fri, Oct 03, 2008 at 11:09:16AM -0500, Ron wrote:
> So smb-enumusers.nse covers what you previously sent as smb-msrpc-bruteusers.nse, smb-msrpc-enumusers.nse, and smb-enum.nse? The new organization is logical, it's easier to predict what the scripts will do from their names.
That's correct. A tiny bit of functionality was lost with smb-enum.nse, but I think as I develop more scripts with this, it'll come back.
> > - Removed smbconstants in favour of a two-way table
> You can make the constants tables even more concise and expressive by writing
>     local command_codes = {
>         SMB_COM_CREATE_DIRECTORY = 0x00,
>         SMB_COM_DELETE_DIRECTORY = 0x01,
>         ...
>     }
> Likewise you can say command_codes.SMB_COM_CREATE_DIRECTORY rather than command_codes['SMB_COM_CREATE_DIRECTORY']. This is possible because all the table keys are legal identifiers.
Makes sense. If I do that with the error constants, is it possible to reverse it so I can look up the name by the code?
> All the constants should be moved to the end of smb.lua--does that work?
I put it there originally and got an error: undefined, but maybe if I change it to your way that would go away.
> > -- The 'referent_id' value is ignored, as far as I can tell, so this value is passed for it. No, it isn't random. :)
> > REFERENT_ID = 0x50414d4e
> Heh.
;)
> Yes, as I understand it authentication for these scripts and modules is wrapped up with the integration of the openssl module. Ron's scripts are going to be the first test of the module, apart from Sven's own SSH-hostkey.nse. When authentication in these scripts works and the openssl module has gotten some exercise I think we can add them at roughly the same time.
Yup, I'll start working on the authentication as soon as I'm happy that the basic functionality is stable. I think I'm pretty much at that point, so expect SSL stuff soon.
> Keep up the good work! Seriously, I think that the smb and msrpc modules are going to serve as examples of how to write other large NSE modules.
Heh, thanks. :) I've tried to keep to decent coding standards while developing them, and I'm open to suggestions on how to improve things.
> I'd like to commit this as soon as someone can independently verify that all the scripts work against Windows 2000. I don't have a machine to test against. The command to do it is
>     nmap --script=smb-enumdomains.nse,smb-enumusers.nse,smb-enumshares.nse <target>
> Also try running with verbosity. For what it's worth, here's what I see running against Windows XP:
>     Host script results:
>     |_ MSRPC: List of domains: ERROR: NT_STATUS_ACCESS_DENIED
>     | MSRPC: NetShareEnumAll():
>     | Couldn't enum all shares, checking for common ones (NT_STATUS_ACCESS_DENIED)
>     | Anonymous shares: IPC$
>     |_ Restricted shares: ADMIN$, C$
>     | MSRPC: List of user accounts:
>     | Enum via SAMR error: NT_STATUS_ACCESS_DENIED
>     | Enum via LSA error: NT_STATUS_ACCESS_DENIED
>     |_ Sorry, couldn't find any account names anonymously!
Yeah, I get the same thing running against Windows XP.
> David Fifield
Ron
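
The constants-table idiom and the name-by-code lookup asked about in the message above, as an added example that is not part of the original post or of smb.lua. The two command codes are the ones quoted in the message; `reverse_index` and `command_name` are hypothetical helper names.

```lua
-- Constructed sample: only the two codes quoted in the message,
-- not the full command list from smb.lua.
local command_codes = {
  SMB_COM_CREATE_DIRECTORY = 0x00,
  SMB_COM_DELETE_DIRECTORY = 0x01,
}

-- Build a code -> name index from a name -> code table.
-- If two names share one code, a naive loop would keep whichever name
-- pairs() visits last, so that case is raised as an error instead.
local function reverse_index(constants)
  local names = {}
  for name, code in pairs(constants) do
    if names[code] ~= nil then
      error(("duplicate code 0x%02x: %s and %s"):format(code, names[code], name))
    end
    names[code] = name
  end
  return names
end

local command_names = reverse_index(command_codes)

-- Look up a name by code, falling back to the hex value for codes
-- that are not in the table (for example an unexpected server reply).
local function command_name(code)
  return command_names[code] or ("UNKNOWN (0x%02x)"):format(code)
end

print(command_codes.SMB_COM_DELETE_DIRECTORY) -- forward lookup by identifier
print(command_name(0x01))                     -- reverse lookup by code
print(command_name(0x7f))                     -- code missing from the table
```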