Added a check for a SMBv2 vulnerability (CVE-2009-3103) to smb-check-vulns. Due to its nature (it performs a DoS, then checks if the system is still online), the script isn't run by default and requires a special script-arg to work.

2026-01-28 00:59:04 +00:00 · 2009-09-14 15:23:06 +00:00
parent fa6435d6ec
commit 32d9c9fe98
3 changed files with 114 additions and 4 deletions
--- a/scripts/script.db
+++ b/scripts/script.db
@@ -39,7 +39,7 @@ Entry { filename = "robots.txt.nse", categories = { "default", "discovery", "saf
 Entry { filename = "rpcinfo.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "skypev2-version.nse", categories = { "version", } }
 Entry { filename = "smb-brute.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "smb-check-vulns.nse", categories = { "intrusive", } }
+Entry { filename = "smb-check-vulns.nse", categories = { "dos", "exploit", "intrusive", } }
 Entry { filename = "smb-enum-domains.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "smb-enum-processes.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "smb-enum-sessions.nse", categories = { "discovery", "intrusive", } }