Nmap Development mailing list archives

Jiayi's Status Report - #9 of 17


From: Jiayi Ye <yejiayily () gmail com>
Date: Tue, 30 Jun 2015 00:25:00 +0800

Hi,

Accomplishments:
* Continued working on smb2. Implemented command SMB2_COM_SESSION_SETUP.
Now we can send an SMB2_COM_NEGOTIATE request to an smb2 server and receive the SMB2
NEGOTIATE response, then send SMB2_COM_SESSION_SETUP request 1 and receive the
SMB2 SESSION_SETUP response with NT_STATUS_MORE_PROCESSING_REQUIRED status,
then send SMB2_COM_SESSION_SETUP request 2 with username and password. But
I received a response with nt_status_request_not_accepted rather than
NT_STATUS_SUCCESS. I’ll fix it then. [1]
* Set up a vuln environment related to CVE-2015-1635. Tried to update
http-vuln-cve2015-1635 to support information leak. I am still trying the
byte ranges to perform reliable information disclosure. [2]

Priorities:
* Implement smb2 commands such as SMB2_COM_TREE_CONNECT.
* Find a way to exploit the information disclosure related to CVE-2015-1635.
* Solve the license problem with the vuln script. Test the vuln script. Update
the documentation of the vuln script.

[1] https://svn.nmap.org/nmap-exp/jiayi/nselib/smb2.lua
[2] https://svn.nmap.org/nmap-exp/jiayi/scripts/http-vuln-cve2015-1635.nse

Thanks,
Jiayi Ye
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
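The NEGOTIATE / SESSION_SETUP exchange the report describes, as an added Python example that is not part of the report or of Nmap's smb2.lua: it packs the 64-byte SMB2 header and a NEGOTIATE request, parses a response header, and maps the SESSION_SETUP status to the next step of the exchange. Field layouts follow MS-SMB2; the NT status values are the public MS-ERREF codes; the sample response is constructed, not captured.

```python
import struct
import uuid

# NT status codes named in the report (values from MS-ERREF).
NT_STATUS_SUCCESS = 0x00000000
NT_STATUS_MORE_PROCESSING_REQUIRED = 0xC0000016
NT_STATUS_REQUEST_NOT_ACCEPTED = 0xC00000D0

SMB2_NEGOTIATE = 0x0000
SMB2_SESSION_SETUP = 0x0001
# ProtocolId, StructureSize, CreditCharge, Status, Command, CreditRequest,
# Flags, NextCommand, MessageId, Reserved, TreeId, SessionId, Signature
SMB2_HEADER_FMT = "<4sHHIHHIIQIIQ16s"   # 64 bytes, little-endian


def smb2_header(command, message_id, session_id=0, status=0, flags=0):
    """Build the 64-byte SMB2 packet header (MS-SMB2 2.2.1.2)."""
    return struct.pack(SMB2_HEADER_FMT, b"\xfeSMB", 64, 0, status, command,
                       1, flags, 0, message_id, 0xFEFF, 0, session_id,
                       b"\x00" * 16)


def negotiate_request(dialects=(0x0202, 0x0210), message_id=0):
    """SMB2 NEGOTIATE request offering SMB 2.0.2 and 2.1 (MS-SMB2 2.2.3)."""
    # StructureSize=36, DialectCount, SecurityMode=signing enabled,
    # Reserved, Capabilities, ClientGuid, ClientStartTime
    body = struct.pack("<HHHHI16sQ", 36, len(dialects), 1, 0, 0,
                       uuid.uuid4().bytes, 0)
    body += b"".join(struct.pack("<H", d) for d in dialects)
    return smb2_header(SMB2_NEGOTIATE, message_id) + body


def parse_header(packet):
    """Return the fields a client needs from a received SMB2 header."""
    if len(packet) < 64 or packet[:4] != b"\xfeSMB":
        raise ValueError("not an SMB2 packet")
    f = struct.unpack(SMB2_HEADER_FMT, packet[:64])
    return {"status": f[3], "command": f[4], "flags": f[6],
            "message_id": f[8], "session_id": f[11]}


def session_setup_state(status):
    """Map a SESSION_SETUP response status to the client's next step."""
    if status == NT_STATUS_MORE_PROCESSING_REQUIRED:
        return "send second SESSION_SETUP with the auth response"
    if status == NT_STATUS_SUCCESS:
        return "authenticated; proceed to TREE_CONNECT"
    return "failed: NT status 0x%08X" % status
```

Any status other than success or more-processing-required (such as the request-not-accepted the report hit) is treated as a failed authentication step and logged with its raw code.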