Nmap Development mailing list archives
kerberos-get-realm.nse
From: David Fifield <david () bamsoftware com>
Date: Thu, 31 Dec 2009 20:41:37 -0700
On Mon, Dec 28, 2009 at 05:28:43PM +0100, Patrik Karlsson wrote:
> On 22 dec 2009, at 17.50, David Fifield wrote:
>
>> It's a pity we can't use the probe that makes Windows disclose the realm. Out of curiosity, what were the contents of the reply? Maybe it can be made into an NSE script.
>
> Here's a first attempt on that script. It tries to retrieve both the realm and the server time from the error message. I have tested it against W2K3 where it retrieves both and against Heimdal on Linux where it only extracts the time. The script name may be slightly misleading, but getting the realm name is what I initially wanted to do. As always, comments, suggestions and bug reports are welcome.

It looks good. It's too bad it only works on Windows as far as we know so far. Getting the date is a nice thing, but service detection should already do that. One thing you could do is print out the deviation from local time like http-date does:

PORT   STATE SERVICE
80/tcp open  http
|_http-date: Sat, 21 Nov 2009 21:08:31 GMT; -40d6h32m17s from local time.

Feel free to factor out that time difference–formatting code from http-date.

I tried to test this but I couldn't figure out how to activate a Kerberos server on Windows XP. Do you have to have a server edition or something?

You need to document the meaning of the 0xa9 byte in extract_kerberos_realm.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
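
An added example, not part of the original message or of the script under discussion: in RFC 4120's KRB-ERROR, 0xa9 is the DER context tag for field [9] (realm) and 0xa4 the tag for field [4] (stime), and this Python parser pulls both from a reply and renders the clock deviation in the style of the http-date line above. The sample bytes are constructed, the function names are hypothetical, and printing a "+" when the server clock is ahead of local time is an assumption.

```python
from datetime import datetime, timezone

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element at pos (single-byte tags only)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def parse_krb_error(msg):
    """Extract stime ([4], tag 0xa4) and realm ([9], tag 0xa9) from a KRB-ERROR."""
    tag, body, _ = read_tlv(msg, 0)
    if tag != 0x7E:  # [APPLICATION 30] = KRB-ERROR
        raise ValueError("not a KRB-ERROR")
    tag, seq, _ = read_tlv(body, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    out, pos = {}, 0
    while pos < len(seq):
        tag, val, pos = read_tlv(seq, pos)
        if tag == 0xA4:  # stime: KerberosTime (GeneralizedTime, YYYYMMDDHHMMSSZ)
            _, t, _ = read_tlv(val, 0)
            stamp = datetime.strptime(t.decode("ascii"), "%Y%m%d%H%M%SZ")
            out["stime"] = stamp.replace(tzinfo=timezone.utc)
        elif tag == 0xA9:  # realm: GeneralString naming the server's realm
            _, r, _ = read_tlv(val, 0)
            out["realm"] = r.decode("ascii")
    return out

def format_difference(server, local):
    """Render server - local as e.g. '-40d6h32m17s' (the '+' sign is an assumption)."""
    secs = int((server - local).total_seconds())
    sign, secs = ("-" if secs < 0 else "+"), abs(secs)
    d, rem = divmod(secs, 86400)
    h, rem = divmod(rem, 3600)
    m, s = divmod(rem, 60)
    return f"{sign}{d}d{h}h{m}m{s}s"

def tlv(tag, value):  # builds the constructed sample below (short lengths only)
    return bytes([tag, len(value)]) + value

# Constructed sample, not a captured reply: only the stime and realm fields.
SAMPLE = tlv(0x7E, tlv(0x30,
    tlv(0xA4, tlv(0x18, b"20091121210831Z")) +
    tlv(0xA9, tlv(0x1B, b"EXAMPLE.LOCAL"))))
```
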