Nmap Development mailing list archives
[NSE] smb.lua - change in start_session_basic return values
From: Tom Sellers <nmap () fadedcode net>
Date: Sat, 03 Sep 2011 12:00:35 -0600
All,

I have committed a change to the return values of start_session_basic in smb.lua. Unlike start_session_extended, start_session_basic was not returning the status_name (NT_STATUS_ACCOUNT_LOCKED_OUT, NT_STATUS_ACCOUNT_DISABLED, etc.) upon failure. It was instead returning the username. The result is that when logins failed, the calling code was not receiving the correct reason why.

In the case of smb-brute.nse this meant that when the target returned atypical failure codes such as password expired, account disabled, time restricted, etc., the calling code could not report it. In addition to losing out on potential intel, this logic would also treat the attempt as a failed login and continue brute force attempts against the account, wasting time and resources.

The change is wrapped in a check for nil because, despite code comments that indicate that the status should never be nil, it sometimes is. When status is nil it causes a fault in get_name_status. I have left the original logic in place for instances where status is nil.

In my tests I have not discovered any adverse effects, but I would appreciate folks putting this change through its paces to verify that it still works correctly.

Thanks much,

Tom
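The return-value change described in the message, modelled as an added Lua sketch (not code from smb.lua or from the author). All function names and the sample username are hypothetical and the inputs are constructed; only the NT_STATUS_* names and their numeric codes are real.

```lua
-- Added illustration. Only the NT_STATUS_* names and codes are real; every
-- function name here is hypothetical and not taken from smb.lua.
local STATUS_NAMES = {
  [0xC000006D] = "NT_STATUS_LOGON_FAILURE",
  [0xC000006F] = "NT_STATUS_INVALID_LOGON_HOURS",
  [0xC0000071] = "NT_STATUS_PASSWORD_EXPIRED",
  [0xC0000072] = "NT_STATUS_ACCOUNT_DISABLED",
  [0xC0000234] = "NT_STATUS_ACCOUNT_LOCKED_OUT",
}

-- Stand-in for the status lookup; as in the message, a nil status faults.
local function status_to_name(status)
  assert(status ~= nil, "status is nil")
  return STATUS_NAMES[status] or string.format("NT_STATUS_UNKNOWN_0x%08X", status)
end

-- Old contract: on failure the second return value was the username.
local function finish_login_old(status, username)
  if status == 0 then return true end
  return false, username
end

-- New contract: status name on failure, guarded so a nil status never reaches
-- the lookup; the original return is kept for the nil case.
local function finish_login_new(status, username)
  if status == 0 then return true end
  if status ~= nil then
    return false, status_to_name(status)
  end
  return false, username
end

-- Caller side: only NT_STATUS_LOGON_FAILURE means "wrong password". Any other
-- status name is an account state to report, and retrying cannot change it.
local function classify(ok, reason)
  if ok then return "valid" end
  if reason == "NT_STATUS_LOGON_FAILURE" then return "wrong password" end
  if reason and reason:match("^NT_STATUS_") then return "stop: " .. reason end
  return "unknown failure"
end

-- Constructed inputs: plain failure, lockout, disabled account, then nil.
for _, status in ipairs({0xC000006D, 0xC0000234, 0xC0000072}) do
  print(classify(finish_login_old(status, "alice")), "|",
        classify(finish_login_new(status, "alice")))
end
print(classify(finish_login_new(nil, "alice")))
```

With the old contract every failure looks the same to the caller, so a locked or disabled account cannot be told apart from a wrong password; with the new one the caller can report the state and stop sending attempts to that account.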