Nmap Development mailing list archives

[NSE] smb.lua - change in start_session_basic return values


From: Tom Sellers <nmap () fadedcode net>
Date: Sat, 03 Sep 2011 12:00:35 -0600

All,

I have committed a change to the return values of start_session_basic in smb.lua.
Unlike start_session_extended, start_session_basic was not returning the status_name
(NT_STATUS_ACCOUNT_LOCKED_OUT, NT_STATUS_ACCOUNT_DISABLED, etc.) upon failure.

It was instead returning the username.  The result is that when logins failed the
calling code was not receiving the correct reason why.

In the case of smb-brute.nse this meant that when the target returned atypical failure
codes such as password expired, account disabled, time restricted, etc., the calling code
could not report it.  In addition to losing out on potential intel, this logic would
also treat the attempt as a failed login and continue brute force attempts against
the account, wasting time and resources.

The change is wrapped in a check for nil because, despite code comments that indicate
that the status should never be nil, it sometimes is.  When status is nil it causes
a fault in get_name_status.  I have left the original logic in place for instances where
status is nil.

In my tests I have not discovered any adverse effects but I would appreciate folks
putting this change through its paces to verify that it still works correctly.

Thanks much,

Tom
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
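The pattern the message describes, as an added illustration rather than code from smb.lua or the nmap-dev thread: a failure path resolves the session status to its NT_STATUS name so the caller can tell an unusable account from a plain bad credential, while a nil guard keeps a missing status from faulting the name lookup and falls back to the old username return. The `status_names` table, the `get_name_status` and `session_failure_result` functions, and the sample inputs are all constructed for this example; the NTSTATUS values are assumed, and the real names and numbers live in smb.lua.

```lua
-- Constructed sample of NTSTATUS values (assumed; smb.lua holds the real table).
local status_names = {
  [0xC000006D] = "NT_STATUS_LOGON_FAILURE",
  [0xC0000071] = "NT_STATUS_PASSWORD_EXPIRED",
  [0xC0000072] = "NT_STATUS_ACCOUNT_DISABLED",
  [0xC0000234] = "NT_STATUS_ACCOUNT_LOCKED_OUT",
}

-- Hypothetical stand-in for get_name_status: like the real one, it faults on nil,
-- which is why the caller below must guard before calling it.
local function get_name_status(status)
  if status == nil then error("status is nil") end
  return status_names[status] or string.format("UNKNOWN_0x%08X", status)
end

-- Hypothetical stand-in for the start_session_basic failure path after the change:
-- return the status name when a status is available, and keep the original
-- behaviour (return the username) for the cases where status is nil.
local function session_failure_result(status, username)
  if status ~= nil then
    return false, get_name_status(status)
  end
  return false, username
end

-- Statuses that mean "this account is not usable right now" rather than
-- "wrong password"; a caller should report these instead of treating them
-- as an ordinary miss.
local account_state_failures = {
  NT_STATUS_ACCOUNT_LOCKED_OUT = true,
  NT_STATUS_ACCOUNT_DISABLED = true,
  NT_STATUS_PASSWORD_EXPIRED = true,
}

-- Constructed inputs: a bad credential, a locked-out account, and a nil status.
local cases = { { 0xC000006D, "alice" }, { 0xC0000234, "bob" }, { nil, "carol" } }
for _, c in ipairs(cases) do
  local _, reason = session_failure_result(c[1], c[2])
  if account_state_failures[reason] then
    print(c[2], "report account state: " .. reason)
  else
    print(c[2], "plain failure result: " .. reason)
  end
end
```

With the nil guard in place, "carol" still yields the username as before, while "bob" now surfaces NT_STATUS_ACCOUNT_LOCKED_OUT to the caller instead of being indistinguishable from a wrong password.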
