mirror of https://github.com/nmap/nmap.git synced 2026-01-02 21:09:00 +00:00

Avoid integer overflow in signed pack by using literal string

dmiller
2016-08-20 00:08:00 +00:00
parent 5022aaf794
commit 11c2662a40


@@ -109,7 +109,8 @@ aka "Print Spooler Service Impersonation Vulnerability."
local lanman_result
local REMSmb_NetShareEnum_P = "WrLeh"
local REMSmb_share_info_1 = "B13BWz"
status, lanman_result = msrpc.call_lanmanapi(smbstate,0,REMSmb_NetShareEnum_P,REMSmb_share_info_1,bin.pack("ss",0x01,65406))
status, lanman_result = msrpc.call_lanmanapi(
smbstate, 0, REMSmb_NetShareEnum_P, REMSmb_share_info_1, "\x01\x00\x7e\xff")
if status == false then
stdnse.debug1("SMB: " .. lanman_result)
stdnse.debug1("SMB: Looks like LANMAN API is not available. Try setting printer script arg.")
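Review bot: The new argument `"\x01\x00\x7e\xff"` in the `msrpc.call_lanmanapi` call is an unexplained byte string, so a reader can no longer see that it carries the two values the removed `bin.pack("ss",0x01,65406)` named. A short comment above the call would keep that visible, for example `-- 0x0001 and 0xff7e (65406) as little-endian 16-bit values; 65406 does not fit a signed short`. Judging by the `WrLeh` descriptor these look like the info level and the receive buffer length, but that is inferred and should be confirmed before it goes into the comment. The enclosing function starts and ends outside the hunk.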