Nmap Development mailing list archives

NFS re-write, RPC library and some more scripts


From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 25 Jan 2010 21:42:38 +0100

Hi all,

I received a bug report from Matt regarding nfs-showmount not properly listing the exports from a server. Having a look 
at one of my first scripts kind of made me sick. So I re-wrote it from scratch and factored out all the RPC/NFS code 
into a library called rpc.lua.

The bug was most likely related to the output from the server being a lot larger than the two entries I had in my test 
environment. The mountd program can be queried over either udp or tcp and the script was doing both. When the answer 
gets large enough it will only work over tcp, which brings me to the next bug, the fact that I was only reading from 
the socket once. Obviously a larger export list wouldn't be read into the buffer with a single read.

Both of these issues are addressed in the new code and Matt has been able to confirm that the script works now.
Hopefully my last minute changes didn't change that.

In the course of creating the library I implemented a couple more RPC calls and added two more scripts: nfs-get-stats 
and nfs-get-dirlist. The first script gets disk usage statistics from each share and the second script lists the 
first 10 items in the shared directory.

The RPC library only supports null authentication, so running nfs-get-stats or nfs-get-dirlist on any exports using a 
higher level of security than that will most likely result in the scripts not returning any data.

I'm attaching the scripts and library to this e-mail and I've also uploaded them to my blog:
http://www.cqure.net/wp/nmap-scripts/


Attachment: nfs-get-dirlist.nse

Attachment: nfs-get-stats.nse

Attachment: nfs-showmount.nse

Attachment: rpc.lua


//Patrik

--
Patrik Karlsson
http://www.cqure.net
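
The single-read bug described in the message, shown as an added example that is not part of the original post and not taken from rpc.lua. It is written in Python rather than NSE Lua so it runs stand-alone, all function names are hypothetical, and the reply bytes are constructed. ONC RPC over TCP prefixes each fragment with a 4-byte record mark (RFC 5531), so a reader has to loop until the fragment flagged as last has arrived in full.

```python
import socket
import struct
import threading

LAST_FRAGMENT = 0x80000000  # high bit of the 4-byte record mark (RFC 5531)

def recv_exact(sock, n):
    """Read exactly n bytes; one recv() may legally return fewer."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed after %d of %d bytes" % (len(buf), n))
        buf += chunk
    return bytes(buf)

def recv_rpc_record(sock, max_size=1 << 20):
    """Reassemble one RPC record, bounding memory against a hostile server."""
    record = bytearray()
    while True:
        (mark,) = struct.unpack(">I", recv_exact(sock, 4))
        length = mark & 0x7FFFFFFF          # low 31 bits: fragment length
        if len(record) + length > max_size:
            raise ValueError("RPC record exceeds max_size")
        record += recv_exact(sock, length)
        if mark & LAST_FRAGMENT:
            return bytes(record)

def frame(payload, frag_size):
    """Sender side for the demo: split payload into record-marked fragments."""
    parts = [payload[i:i + frag_size] for i in range(0, len(payload), frag_size)] or [b""]
    out = b""
    for i, part in enumerate(parts):
        last = LAST_FRAGMENT if i == len(parts) - 1 else 0
        out += struct.pack(">I", len(part) | last) + part
    return out

def _send(sock, data):
    try:
        sock.sendall(data)
    except OSError:
        pass                                # reader gave up early
    finally:
        sock.close()

def demo(reader, payload_len=200_000, frag_size=8192):
    """Send a constructed large reply over a local socket pair; return (sent, received)."""
    payload = bytes(i % 251 for i in range(payload_len))  # constructed stand-in for a long export list
    a, b = socket.socketpair()
    t = threading.Thread(target=_send, args=(a, frame(payload, frag_size)))
    t.start()
    got = reader(b)
    b.close()
    t.join()
    return payload, got
```

`demo(recv_rpc_record)` returns the full reply, while `demo(lambda s: s.recv(65536))` reproduces the truncated result of a single read.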



