Use get_script_args to handle smb-related flag options, to use our

common true/false logic and not hardcode "1" and "true" in places. Patch by Chris Woodbury.
2026-02-03 12:06:35 +00:00 · 2011-04-20 21:35:10 +00:00
parent e0f589a37f
commit 3447e2a6a2
4 changed files with 16 additions and 16 deletions
--- a/nselib/smb.lua
+++ b/nselib/smb.lua
@@ -260,10 +260,10 @@ function start(host)
 	state['sequence'] = -1

 	-- Check whether or not the user requested basic authentication
-	if(nmap.registry.args.smbbasic == nil) then
-		state['extended_security'] = true
-	else
+	if(stdnse.get_script_args( "smbbasic" )) then
 		state['extended_security'] = false
+	else
+		state['extended_security'] = true
 	end

 	-- Store the name of the server
--- a/nselib/smbauth.lua
+++ b/nselib/smbauth.lua
@@ -78,7 +78,7 @@
 --                   protocol altogether!). If you're using an extremely old system, you might need to set 
 --                   this to <code>v1</code> or <code>lm</code>, which are less secure but more compatible.  
 --                   For information, see <code>smbauth.lua</code>. 
--@args smbnoguest   Set to <code>true</code> or <code>1</code> to disable usage of the 'guest' account. 
+--@args smbnoguest   Use to disable usage of the 'guest' account. 

 module(... or "smbauth", package.seeall)

@@ -260,7 +260,7 @@ function init_account(host)
 	-- Add the anonymous/guest accounts
 	add_account(host, '',      '', '', nil, 'none')

-	if(nmap.registry.args.smbnoguest == nil) then
+	if(not stdnse.get_script_args( "smbnoguest" )) then
 		add_account(host, 'guest', '', '', nil, 'ntlm')
 	end

--- a/scripts/smb-brute.nse
+++ b/scripts/smb-brute.nse
@@ -78,7 +78,7 @@ determined with a fairly efficient bruteforce. For example, if the actual passwo
 -- |  |  thisisaverylongnamev:password => Login was successful
 -- |_ |_ web:TeSt => Password was correct, but user's account is disabled
 -- 
-- @args smblockout Unless this is set to <code>1</code> or <code>true</code>, the script won't continue if it 
+-- @args smblockout This argument will force the script to continue if it 
 --       locks out an account or thinks it will lock out an account. 
 -- @args brutelimit Limits the number of usernames checked in the script. In some domains, 
 --       it's possible to end up with 10,000+ usernames on each server. By default, this
@@ -510,7 +510,7 @@ end
 -- portion among the domains. Returns true if lockouts could happen, false otherwise. 
 local function bad_lockout_policy(host)
 	-- If the user is ok with locking out accounts, just return
-	if(nmap.registry.args.smblockout == "1" or nmap.registry.args.smblockout == "true") then
+	if(stdnse.get_script_args( "smblockout" )) then
 		stdnse.print_debug(1, "smb-brute: Not checking server's lockout policy")
 		return true, false
 	end
@@ -735,7 +735,7 @@ function test_lockouts(hostinfo)
 		return 
 	end

-	if(nmap.registry.args.smblockout == 1 or nmap.registry.args.smblockout == "true") then
+	if(stdnse.get_script_args( "smblockout" )) then
 		return
 	end

@@ -1009,7 +1009,7 @@ local function go(host)
 				hostinfo['locked_usernames'][username] = true

 				-- Unless the user requested to keep going, stop the check
-				if(not(nmap.registry.args.smblockout == "1" or nmap.registry.args.smblockout == "true")) then
+				if(not(stdnse.get_script_args( "smblockout" ))) then
 					-- Mark it as found, which is technically true
 					status, err = found_account(hostinfo, username, nil, results.ACCOUNT_LOCKED_NOW)
 					if(status == false) then
--- a/scripts/smb-psexec.nse
+++ b/scripts/smb-psexec.nse
@@ -382,7 +382,7 @@ Some ideas for later versions (TODO):
 -- 
 --@args config  The config file to use (eg, default). Config files require a .lua extension, and are located in <code>nselib/data/psexec</code>. 
 --@args nohide  Don't set the uploaded files to hidden/system/etc.
--@args cleanup Set to <code>1</code> or <code>true</code> to simply clean up any mess we made (leftover files, processes, etc. on the host OS). 
+--@args cleanup Set to only clean up any mess we made (leftover files, processes, etc. on the host OS) on a previous run of the script. 
 --              This will attempt to delete the files from every share, not just the first one. This is done to prevent leftover
 --              files if the OS changes the ordering of the shares (there's no guarantee of shares coming back in any particular 
 --              order)
@@ -394,10 +394,10 @@ Some ideas for later versions (TODO):
 --@args sharepath The full path to the share (eg, <code>"c:\windows"</code>). This is required when creating a service. 
 --@args time    The minimum amount of time, in seconds, to wait for the external module to finish (default: <code>15</code>)
 --
--@args nocleanup If set to <code>1</code> or <code>true</code>, don't clean up at all; this leaves the files on the remote system and the wrapper 
+--@args nocleanup Set to not clean up at all; this leaves the files on the remote system and the wrapper 
 --              service installed. This is bad in practice, but significantly reduces the network traffic and makes analysis 
 --              easier. 
--@args nocipher Set to <code>1</code> or <code>true</code> to disable the ciphering of the returned text (useful for debugging). 
+--@args nocipher Set to disable the ciphering of the returned text (useful for debugging). 
 --@args key     Script uses this value instead of a random encryption key (useful for debugging the crypto). 
 -----------------------------------------------------------------------

@@ -476,7 +476,7 @@ function cleanup(host, config)
 	stdnse.sleep(.01)

 	-- If the user doesn't want to clean up, don't
-	if(nmap.registry.args.nocleanup == '1' or nmap.registry.args.nocleanup == "true") then
+	if(stdnse.get_script_args( "nocleanup" )) then
 		return
 	end

@@ -688,7 +688,7 @@ local function get_config(host, config)
 	local overrides = getfenv(file)["overrides"]

 	-- Generate a cipher key
-	if(nmap.registry.args.nocipher == "1" or nmap.registry.args.nocipher == "true") then
+	if(stdnse.get_script_args( "nocipher" )) then
 		config.key = ""
 	elseif(nmap.registry.args.key) then
 		config.key = nmap.registry.args.key
@@ -940,7 +940,7 @@ local function get_overrides()
 	local attr = bit.bor(0x00000004,0x00000002,0x00000800,0x00000100,0x00002000,0x00004000)

 	-- Let the user override this behaviour
-	if(nmap.registry.args.nohide == '1' or nmap.registry.args.nohide == 'true') then
+	if(stdnse.get_script_args( "nohide" )) then
 		attr = 0
 	end

@@ -1367,7 +1367,7 @@ and place it in nselib/data/psexec/ under the Nmap DATADIR.
 		cleanup(host, config)
 	
 		-- If the user just wanted a cleanup, do it
-		if(nmap.registry.args.cleanup == '1' or nmap.registry.args.cleanup == 'true') then
+		if(stdnse.get_script_args( "cleanup" )) then
 			return stdnse.format_output(true, "Cleanup complete.")
 		end