PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 22:21:29 +00:00
Code Issues Projects Releases Wiki Activity

Whitespace/reindent cleanup in NSE. https://secwiki.org/w/Nmap/Code_Standards

Browse Source
This commit is contained in:
dmiller
2015-05-31 17:37:51 +00:00
parent 3d4fb07728
commit 00064a1809
19 changed files with 297 additions and 297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
nselib/json.lua
View File

@@ -346,8 +346,8 @@ local TESTS = {
test = function(o) return not next(o) end
},
{'', valid=false},
{'null', valid=false}, -- error
{'"abc"', valid=false}, -- error
{'null', valid=false}, -- error
{'"abc"', valid=false}, -- error
{'{a":1}', valid=false}, -- error
{'{"a" bad :1}', valid=false}, -- error
{

2
nselib/smbauth.lua
View File

@@ -222,7 +222,7 @@ function add_account(host, username, domain, password, password_hash, hash_type,
-- Reset the credentials
next_account(host, 1)
-- io.write("\n\n" .. nsedebug.tostr(host.registry['smbaccounts']) .. "\n\n")
-- io.write("\n\n" .. nsedebug.tostr(host.registry['smbaccounts']) .. "\n\n")
end
---Retrieve the current set of credentials set in the registry.

22
nselib/vulns.lua
View File

@@ -1834,7 +1834,7 @@ local format_vuln_base = function(vuln_table, showall)
local risk_str = ""
if vuln_table.scores and next(vuln_table.scores) then
output_table.scores = vuln_table.scores
output_table.scores = vuln_table.scores
for score_type, score in pairs(vuln_table.scores) do
risk_str = risk_str .. string_format(" %s: %s", score_type, score)
end
@@ -1859,9 +1859,9 @@ local format_vuln_base = function(vuln_table, showall)
if vuln_table.dates.disclosure and
next(vuln_table.dates.disclosure) then
output_table.disclosure = string_format("%s-%s-%s",
vuln_table.dates.disclosure.year,
vuln_table.dates.disclosure.month,
vuln_table.dates.disclosure.day)
vuln_table.dates.disclosure.year,
vuln_table.dates.disclosure.month,
vuln_table.dates.disclosure.day)
insert(out, string_format(" Disclosure date: %s-%s-%s",
vuln_table.dates.disclosure.year,
vuln_table.dates.disclosure.month,
@@ -1928,7 +1928,7 @@ local format_vuln_base = function(vuln_table, showall)
local ref_str = {}
for link in pairs(ref_set) do
insert(out, string_format(" %s", link))
table.insert(ref_str, link)
table.insert(ref_str, link)
end
output_table.refs = ref_str
end
@@ -2242,9 +2242,9 @@ Report = {
for i, vuln_table in ipairs(self.entries.vulns) do
local vuln_out, out_t = format_vuln_base(vuln_table)
if type(out_t) == "table" then
for i, v, k in pairs(out_t) do
output_t2[i]=v
end
for i, v, k in pairs(out_t) do
output_t2[i]=v
end
end
if vuln_out then
output_table.report = concat(vuln_out, "\n")
@@ -2265,9 +2265,9 @@ Report = {
for i, vuln_table in ipairs(self.entries.not_vulns) do
local vuln_out, out_t = format_vuln_base(vuln_table, SHOW_ALL)
if type(out_t) == "table" then
for i, v, k in pairs(out_t) do
output_t2[i]=v
end
for i, v, k in pairs(out_t) do
output_t2[i]=v
end
end
if vuln_out then
output_table.report = concat(vuln_out, "\n")

68
scripts/afp-ls.nse
View File

@@ -122,40 +122,40 @@ action = function(host, port)
for _, vol in ipairs( vols ) do
local status, tbl = afpHelper:Dir( vol )
if ( not(status) ) then
table.insert(
output,
("ERROR: Failed to list the contents of %s"):format(vol))
else
local file_tab = createFileTable()
local counter = maxfiles or 10
for _, item in ipairs(tbl[1]) do
if ( item and item.name ) then
local status, result = afpHelper:GetFileUnixPermissions(
vol, item.name)
if ( status ) then
local status, fsize = afpHelper:GetFileSize( vol, item.name)
if ( not(status) ) then
table.insert(
output,
("\n\nERROR: Failed to retrieve file size for %/%s"):format(vol, item.name))
else
local status, date = afpHelper:GetFileDates( vol, item.name)
if ( not(status) ) then
table.insert(
output,
("\n\nERROR: Failed to retrieve file dates for %/%s"):format(vol, item.name))
else
tab.addrow(file_tab, result.privs, result.uid, result.gid, fsize, date.create, item.name)
counter = counter - 1
end
end
end
end
if ( counter == 0 ) then break end
end
local result_part = { name = vol }
table.insert(result_part, tab.dump(file_tab))
table.insert(output, result_part)
table.insert(
output,
("ERROR: Failed to list the contents of %s"):format(vol))
else
local file_tab = createFileTable()
local counter = maxfiles or 10
for _, item in ipairs(tbl[1]) do
if ( item and item.name ) then
local status, result = afpHelper:GetFileUnixPermissions(
vol, item.name)
if ( status ) then
local status, fsize = afpHelper:GetFileSize( vol, item.name)
if ( not(status) ) then
table.insert(
output,
("\n\nERROR: Failed to retrieve file size for %/%s"):format(vol, item.name))
else
local status, date = afpHelper:GetFileDates( vol, item.name)
if ( not(status) ) then
table.insert(
output,
("\n\nERROR: Failed to retrieve file dates for %/%s"):format(vol, item.name))
else
tab.addrow(file_tab, result.privs, result.uid, result.gid, fsize, date.create, item.name)
counter = counter - 1
end
end
end
end
if ( counter == 0 ) then break end
end
local result_part = { name = vol }
table.insert(result_part, tab.dump(file_tab))
table.insert(output, result_part)
end
end
end

34
scripts/http-vuln-cve2014-2126.nse
View File

@@ -54,29 +54,29 @@ Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 befor
}
local vuln_versions = {
['8'] = {
['2'] = 5.47,
['4'] = 7.5,
['7'] = 1.11,
},
['9'] = {
['0'] = 3.10,
['1'] = 3.4,
},
}
['8'] = {
['2'] = 5.47,
['4'] = 7.5,
['7'] = 1.11,
},
['9'] = {
['0'] = 3.10,
['1'] = 3.4,
},
}
local report = vulns.Report:new(SCRIPT_NAME, host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
end
return report:make_output(vuln_table)
end

32
scripts/http-vuln-cve2014-2127.nse
View File

@@ -53,30 +53,30 @@ Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 befor
}
local vuln_versions = {
['8'] = {
['2'] = 5.48,
['8'] = {
['2'] = 5.48,
['3'] = 2.40,
['4'] = 7.9,
['4'] = 7.9,
['6'] = 1.13,
},
['9'] = {
['0'] = 4.1,
['1'] = 4.3,
},
}
},
['9'] = {
['0'] = 4.1,
['1'] = 4.3,
},
}
local report = vulns.Report:new(SCRIPT_NAME, host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
end
return report:make_output(vuln_table)
end

34
scripts/http-vuln-cve2014-2128.nse
View File

@@ -53,31 +53,31 @@ The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8
}
local vuln_versions = {
['8'] = {
['2'] = 5.47,
['8'] = {
['2'] = 5.47,
['3'] = 2.40,
['4'] = 7.3,
['4'] = 7.3,
['6'] = 1.13,
['7'] = 1.11,
},
['9'] = {
['0'] = 3.8,
['1'] = 3.2,
},
}
['7'] = 1.11,
},
['9'] = {
['0'] = 3.8,
['1'] = 3.2,
},
}
local report = vulns.Report:new(SCRIPT_NAME, host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
end
return report:make_output(vuln_table)
end

32
scripts/http-vuln-cve2014-2129.nse
View File

@@ -53,28 +53,28 @@ The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.
}
local vuln_versions = {
['8'] = {
['2'] = 5.48,
['4'] = 6.5,
},
['9'] = {
['0'] = 3.1,
['1'] = 2.5,
},
}
['8'] = {
['2'] = 5.48,
['4'] = 6.5,
},
['9'] = {
['0'] = 3.1,
['1'] = 2.5,
},
}
local report = vulns.Report:new(SCRIPT_NAME, host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local ac = anyconnect.Cisco.AnyConnect:new(host, port)
local status, err = ac:connect()
if not status then
return ("\n ERROR: %s"):format(err)
else
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
local ver = ac:get_version()
if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
vuln_table.state = vulns.STATE.VULN
end
end
end
return report:make_output(vuln_table)
end

10
scripts/smb-enum-shares.nse
View File

@@ -141,7 +141,7 @@ action = function(host)
if(share['user_can_write'] == "NT_STATUS_OBJECT_NAME_NOT_FOUND") then
share_output["Type"] = "Not a file share"
else
table.insert(host.registry['smb_shares'], share.name)
table.insert(host.registry['smb_shares'], share.name)
end
else
local details = share['details']
@@ -153,9 +153,9 @@ action = function(host)
share_output["Path"] = details.path
if (share_output["Type"] == "STYPE_DISKTREE" or
share_output["Type"] == "STYPE_DISKTREE_TEMPORARY" or
share_output["Type"] == "STYPE_DISKTREE_HIDDEN") then
table.insert(host.registry['smb_shares'], share.name)
share_output["Type"] == "STYPE_DISKTREE_TEMPORARY" or
share_output["Type"] == "STYPE_DISKTREE_HIDDEN") then
table.insert(host.registry['smb_shares'], share.name)
end
end
-- Print details for a file share
@@ -186,7 +186,7 @@ action = function(host)
end
if next(host.registry['smb_shares']) == nil then
host.registry['smb_shares'] = nil
host.registry['smb_shares'] = nil
end
return response

142
scripts/smb-ls.nse
View File

@@ -55,9 +55,9 @@ local arg_checksum = stdnse.get_script_args(SCRIPT_NAME .. '.checksum')
local arg_errors = stdnse.get_script_args(SCRIPT_NAME .. '.errors')
hostrule = function(host)
return ( smb.get_port(host) ~= nil and
(arg_shares or arg_share
or host.registry['smb_shares'] ~= nil) )
return ( smb.get_port(host) ~= nil and
(arg_shares or arg_share
or host.registry['smb_shares'] ~= nil) )
end
-- checks whether the file entry is a directory
@@ -71,97 +71,97 @@ action = function(host)
-- give priority to specified shares if specified
if arg_shares ~= nil then
arg_shares = stdnse.strsplit(":", arg_shares)
arg_shares = stdnse.strsplit(":", arg_shares)
elseif arg_share ~= nil then
arg_shares = {arg_share}
arg_shares = {arg_share}
else
arg_shares = host.registry['smb_shares']
arg_shares = host.registry['smb_shares']
end
-- arg_maxdepth defaults to 1 (no recursion)
if arg_maxdepth == nil then
arg_maxdepth = 1
arg_maxdepth = 1
else
arg_maxdepth = tonumber(arg_maxdepth)
arg_maxdepth = tonumber(arg_maxdepth)
end
local output = {}
for _, share in ipairs(arg_shares) do
local status, smbstate = smb.start_ex(host, true, true, share,
nil, nil, nil)
if ( not(status) ) then
if arg_errors then
table.insert(
output,
("Failed to authenticate to server (%s) for directory of \\\\%s\\%s%s"):format(smbstate, stdnse.get_hostname(host), share, arg_path))
table.insert(output, "")
end
else
local status, smbstate = smb.start_ex(host, true, true, share,
nil, nil, nil)
if ( not(status) ) then
if arg_errors then
table.insert(
output,
("Failed to authenticate to server (%s) for directory of \\\\%s\\%s%s"):format(smbstate, stdnse.get_hostname(host), share, arg_path))
table.insert(output, "")
end
else
table.insert(output, "")
table.insert(output, "")
-- remove leading slash
arg_path = ( arg_path:sub(1,2) == '\\' and arg_path:sub(2) or arg_path )
-- remove leading slash
arg_path = ( arg_path:sub(1,2) == '\\' and arg_path:sub(2) or arg_path )
-- fixup checksum argument
arg_checksum = ( arg_checksum == 'true' or arg_checksum == '1' ) and true or false
-- fixup checksum argument
arg_checksum = ( arg_checksum == 'true' or arg_checksum == '1' ) and true or false
local options = { max_depth = arg_maxdepth, max_files = arg_maxfiles }
local depth, path, dirs = 0, arg_path, {}
local file_count, dir_count, total_bytes = 0, 0, 0
local options = { max_depth = arg_maxdepth, max_files = arg_maxfiles }
local depth, path, dirs = 0, arg_path, {}
local file_count, dir_count, total_bytes = 0, 0, 0
repeat
-- we need three columns per row, plus one for checksum if
-- requested
local lstab = tab.new((arg_checksum and 4 or 3))
repeat
-- we need three columns per row, plus one for checksum if
-- requested
local lstab = tab.new((arg_checksum and 4 or 3))
for fe in smb.find_files(smbstate, path .. '\\' .. arg_pattern, options ) do
if ( arg_checksum and not(is_dir(fe)) ) then
local status, content = smb.file_read(host, share, path .. '\\' .. fe.fname, nil, {file_create_disposition=1})
local sha1 = ( status and stdnse.tohex(openssl.sha1(content)) or "" )
tab.addrow(lstab, fe.created, (is_dir(fe) and '<DIR>' or fe.eof), fe.fname, sha1)
else
tab.addrow(lstab, fe.created, (is_dir(fe) and '<DIR>' or fe.eof), fe.fname)
end
for fe in smb.find_files(smbstate, path .. '\\' .. arg_pattern, options ) do
if ( arg_checksum and not(is_dir(fe)) ) then
local status, content = smb.file_read(host, share, path .. '\\' .. fe.fname, nil, {file_create_disposition=1})
local sha1 = ( status and stdnse.tohex(openssl.sha1(content)) or "" )
tab.addrow(lstab, fe.created, (is_dir(fe) and '<DIR>' or fe.eof), fe.fname, sha1)
else
tab.addrow(lstab, fe.created, (is_dir(fe) and '<DIR>' or fe.eof), fe.fname)
end
arg_maxfiles = ( arg_maxfiles and arg_maxfiles - 1 )
if ( arg_maxfiles == 0 ) then
break
end
arg_maxfiles = ( arg_maxfiles and arg_maxfiles - 1 )
if ( arg_maxfiles == 0 ) then
break
end
if ( is_dir(fe) ) then
dir_count = dir_count + 1
if ( fe.fname ~= '.' and fe.fname ~= '..' ) then
table.insert(dirs, { depth = depth + 1, path = path .. '\\' .. fe.fname } )
end
else
total_bytes = total_bytes + fe.eof
file_count = file_count + 1
end
end
table.insert(output, { name = ("Directory of %s"):format( '\\\\' .. stdnse.get_hostname(host) .. '\\' .. share .. path), tab.dump(lstab) })
if ( is_dir(fe) ) then
dir_count = dir_count + 1
if ( fe.fname ~= '.' and fe.fname ~= '..' ) then
table.insert(dirs, { depth = depth + 1, path = path .. '\\' .. fe.fname } )
end
else
total_bytes = total_bytes + fe.eof
file_count = file_count + 1
end
end
table.insert(output, { name = ("Directory of %s"):format( '\\\\' .. stdnse.get_hostname(host) .. '\\' .. share .. path), tab.dump(lstab) })
path = nil
if ( #dirs ~= 0 ) then
local dir = table.remove(dirs, 1)
depth = dir.depth
if ( not(arg_maxdepth) or ( dir.depth < arg_maxdepth ) ) then
path = dir.path
table.insert(output, "")
end
end
until(not(path) or arg_maxfiles == 0)
path = nil
if ( #dirs ~= 0 ) then
local dir = table.remove(dirs, 1)
depth = dir.depth
if ( not(arg_maxdepth) or ( dir.depth < arg_maxdepth ) ) then
path = dir.path
table.insert(output, "")
end
end
until(not(path) or arg_maxfiles == 0)
smb.stop(smbstate)
smb.stop(smbstate)
local summary = { name = "Total Files Listed:",
("%8d File(s)\t%d bytes"):format(file_count, total_bytes),
("%8d Dir(s)"):format(dir_count) }
table.insert(output, "")
table.insert(output, summary)
table.insert(output, "")
end
local summary = { name = "Total Files Listed:",
("%8d File(s)\t%d bytes"):format(file_count, total_bytes),
("%8d Dir(s)"):format(dir_count) }
table.insert(output, "")
table.insert(output, summary)
table.insert(output, "")
end
end
return stdnse.format_output(true, output)

20
scripts/supermicro-ipmi-conf.nse
View File

@@ -62,19 +62,19 @@ end
action = function(host, port)
local fw = stdnse.get_script_args(SCRIPT_NAME..".out") or host.ip.."_bmc.conf"
local vuln = {
title = 'Supermicro IPMI/BMC configuration file disclosure',
state = vulns.STATE.NOT_VULN,
description = [[
title = 'Supermicro IPMI/BMC configuration file disclosure',
state = vulns.STATE.NOT_VULN,
description = [[
Some Supermicro IPMI/BMC controllers allow attackers to download
a configuration file containing plain text user credentials. This credentials may be used to log in to the administrative interface and the
network's Active Directory.]],
references = {
'http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/',
},
dates = {
disclosure = {year = '2014', month = '06', day = '19'},
},
}
references = {
'http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/',
},
dates = {
disclosure = {year = '2014', month = '06', day = '19'},
},
}
local vuln_report = vulns.Report:new(SCRIPT_NAME, host, port)
local open_session = http.get(host.ip, port, "/PSBlock")