Re: Updated output for scripts

[Fyodor <fyodor () insecure org>]

On Sat, Nov 14, 2009 at 07:26:30PM -0600, Ron wrote:
> Personally, I think we should stick with the extra whitespace. It feels
> too squished together for me.
> Thoughts?

It might (or might not) look a bit less squished if the | and _ are
removed from the 2nd level and higher (replaced with spaces).  For
comparison, here is your first example with the three options:

**Removing |_ from levels 2+**
Host script results:
|_smb-brute: guest:<blank> => Password was correct, but user's account is disabled
| smb-system-info:
|_  ERROR: NT_STATUS_ACCESS_DENIED
| smb-security-mode:
|   Account that was used for smb scripts: <blank>
|   User-level authentication
|   SMB Security: Challenge/response passwords supported
|_  Message signing disabled (dangerous, but default)
|_smb-server-stats:
| smb-enum-domains:
|_  ERROR: NT_STATUS_ACCESS_DENIED (samr.connect4)
| smb-enum-groups:
|_  ERROR: Couldn't enumerate groups: NT_STATUS_ACCESS_DENIED (samr.connect4)
|_smb-enum-processes: ERROR: NT_STATUS_ACCESS_DENIED
| smb-os-discovery:
|   OS: Windows Server 2003 3790 Service Pack 2 (Windows Server 2003 5.2)
|   Name: SKULLSECURITY\WINDOWS2003
|_  System time: 2009-11-14 19:22:34 UTC-6
| smb-enum-users:
|_  ERROR: Access denied while trying to enumerate users; except against Windows 2000, Guest or better is typically 
required
| smb-enum-shares:
|   ERROR: Enumerating shares failed, guessing at common ones (NT_STATUS_ACCESS_DENIED)
|   ADMIN$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
|     Anonymous access: <none>
|   C$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
|     Anonymous access: <none>
|   IPC$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
|_    Anonymous access: READ
| smb-check-vulns:
|   MS08-067: NOT VULNERABLE
|   Conficker: Likely CLEAN
|   regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
|_  SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)

**With the |_ (but no extra space)**
Host script results:
|_smb-brute: guest:<blank> => Password was correct, but user's account is disabled
| smb-system-info:
|_|_ERROR: NT_STATUS_ACCESS_DENIED
| smb-security-mode:
| | Account that was used for smb scripts: <blank>
| | User-level authentication
| | SMB Security: Challenge/response passwords supported
|_|_Message signing disabled (dangerous, but default)
|_smb-server-stats:
| smb-enum-domains:
|_|_ERROR: NT_STATUS_ACCESS_DENIED (samr.connect4)
| smb-enum-groups:
|_|_ERROR: Couldn't enumerate groups: NT_STATUS_ACCESS_DENIED (samr.connect4)
|_smb-enum-processes: ERROR: NT_STATUS_ACCESS_DENIED
| smb-os-discovery:
| | OS: Windows Server 2003 3790 Service Pack 2 (Windows Server 2003 5.2)
| | Name: SKULLSECURITY\WINDOWS2003
|_|_System time: 2009-11-14 19:22:34 UTC-6
| smb-enum-users:
|_|_ERROR: Access denied while trying to enumerate users; except against Windows 2000, Guest or better is typically 
required
| smb-enum-shares:
| | ERROR: Enumerating shares failed, guessing at common ones (NT_STATUS_ACCESS_DENIED)
| | ADMIN$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
| | |_Anonymous access: <none>
| | C$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
| | |_Anonymous access: <none>
| | IPC$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
|_|_|_Anonymous access: READ
| smb-check-vulns:
| | MS08-067: NOT VULNERABLE
| | Conficker: Likely CLEAN
| | regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
|_|_SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)

**With the extra space ("|_ ")**
Host script results:
|_ smb-brute: guest:<blank> => Password was correct, but user's account is disabled
|  smb-system-info:
|_ |_ ERROR: NT_STATUS_ACCESS_DENIED
|  smb-security-mode:
|  |  Account that was used for smb scripts: <blank>
|  |  User-level authentication
|  |  SMB Security: Challenge/response passwords supported
|_ |_ Message signing disabled (dangerous, but default)
|_ smb-server-stats:
|  smb-enum-domains:
|_ |_ ERROR: NT_STATUS_ACCESS_DENIED (samr.connect4)
|  smb-enum-groups:
|_ |_ ERROR: Couldn't enumerate groups: NT_STATUS_ACCESS_DENIED (samr.connect4)
|_ smb-enum-processes: ERROR: NT_STATUS_ACCESS_DENIED
|  smb-os-discovery:
|  |  OS: Windows Server 2003 3790 Service Pack 2 (Windows Server 2003 5.2)
|  |  Name: SKULLSECURITY\WINDOWS2003
|_ |_ System time: 2009-11-14 19:22:34 UTC-6
|  smb-enum-users:
|_ |_ ERROR: Access denied while trying to enumerate users; except against Windows 2000, Guest or better is typically 
required
|  smb-enum-shares:
|  |  ERROR: Enumerating shares failed, guessing at common ones (NT_STATUS_ACCESS_DENIED)
|  |  ADMIN$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
|  |  |_ Anonymous access: <none>
|  |  C$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
|  |  |_ Anonymous access: <none>
|  |  IPC$ (WARNING: Couldn't get details for share: NT_STATUS_ACCESS_DENIED)
|_ |_ |_ Anonymous access: READ
|  smb-check-vulns:
|  |  MS08-067: NOT VULNERABLE
|  |  Conficker: Likely CLEAN
|  |  regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
|_ |_ SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)


Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/