diff --git a/nselib/smb.lua b/nselib/smb.lua
index fd965759a..4b184a994 100644
--- a/nselib/smb.lua
+++ b/nselib/smb.lua
@@ -260,10 +260,10 @@ function start(host)
state['sequence'] = -1
-- Check whether or not the user requested basic authentication
- if(nmap.registry.args.smbbasic == nil) then
- state['extended_security'] = true
- else
+ if(stdnse.get_script_args( "smbbasic" )) then
state['extended_security'] = false
+ else
+ state['extended_security'] = true
end
-- Store the name of the server
diff --git a/nselib/smbauth.lua b/nselib/smbauth.lua
index b4ee623ba..f3aded939 100644
--- a/nselib/smbauth.lua
+++ b/nselib/smbauth.lua
@@ -78,7 +78,7 @@
-- protocol altogether!). If you're using an extremely old system, you might need to set
-- this to v1 or lm, which are less secure but more compatible.
-- For information, see smbauth.lua.
---@args smbnoguest Set to true or 1 to disable usage of the 'guest' account.
+--@args smbnoguest Use to disable usage of the 'guest' account.
module(... or "smbauth", package.seeall)
@@ -260,7 +260,7 @@ function init_account(host)
-- Add the anonymous/guest accounts
add_account(host, '', '', '', nil, 'none')
- if(nmap.registry.args.smbnoguest == nil) then
+ if(not stdnse.get_script_args( "smbnoguest" )) then
add_account(host, 'guest', '', '', nil, 'ntlm')
end
diff --git a/scripts/smb-brute.nse b/scripts/smb-brute.nse
index 4a74a1123..e7a4ddf29 100644
--- a/scripts/smb-brute.nse
+++ b/scripts/smb-brute.nse
@@ -78,7 +78,7 @@ determined with a fairly efficient bruteforce. For example, if the actual passwo
-- | | thisisaverylongnamev:password => Login was successful
-- |_ |_ web:TeSt => Password was correct, but user's account is disabled
--
--- @args smblockout Unless this is set to 1 or true, the script won't continue if it
+-- @args smblockout This argument will force the script to continue if it
-- locks out an account or thinks it will lock out an account.
-- @args brutelimit Limits the number of usernames checked in the script. In some domains,
-- it's possible to end up with 10,000+ usernames on each server. By default, this
@@ -510,7 +510,7 @@ end
-- portion among the domains. Returns true if lockouts could happen, false otherwise.
local function bad_lockout_policy(host)
-- If the user is ok with locking out accounts, just return
- if(nmap.registry.args.smblockout == "1" or nmap.registry.args.smblockout == "true") then
+ if(stdnse.get_script_args( "smblockout" )) then
stdnse.print_debug(1, "smb-brute: Not checking server's lockout policy")
return true, false
end
@@ -735,7 +735,7 @@ function test_lockouts(hostinfo)
return
end
- if(nmap.registry.args.smblockout == 1 or nmap.registry.args.smblockout == "true") then
+ if(stdnse.get_script_args( "smblockout" )) then
return
end
@@ -1009,7 +1009,7 @@ local function go(host)
hostinfo['locked_usernames'][username] = true
-- Unless the user requested to keep going, stop the check
- if(not(nmap.registry.args.smblockout == "1" or nmap.registry.args.smblockout == "true")) then
+ if(not(stdnse.get_script_args( "smblockout" ))) then
-- Mark it as found, which is technically true
status, err = found_account(hostinfo, username, nil, results.ACCOUNT_LOCKED_NOW)
if(status == false) then
diff --git a/scripts/smb-psexec.nse b/scripts/smb-psexec.nse
index f22899dea..c95ca5976 100644
--- a/scripts/smb-psexec.nse
+++ b/scripts/smb-psexec.nse
@@ -382,7 +382,7 @@ Some ideas for later versions (TODO):
--
--@args config The config file to use (eg, default). Config files require a .lua extension, and are located in nselib/data/psexec.
--@args nohide Don't set the uploaded files to hidden/system/etc.
---@args cleanup Set to 1 or true to simply clean up any mess we made (leftover files, processes, etc. on the host OS).
+--@args cleanup Set to only clean up any mess we made (leftover files, processes, etc. on the host OS) on a previous run of the script.
-- This will attempt to delete the files from every share, not just the first one. This is done to prevent leftover
-- files if the OS changes the ordering of the shares (there's no guarantee of shares coming back in any particular
-- order)
@@ -394,10 +394,10 @@ Some ideas for later versions (TODO):
--@args sharepath The full path to the share (eg, "c:\windows"). This is required when creating a service.
--@args time The minimum amount of time, in seconds, to wait for the external module to finish (default: 15)
--
---@args nocleanup If set to 1 or true, don't clean up at all; this leaves the files on the remote system and the wrapper
+--@args nocleanup Set to not clean up at all; this leaves the files on the remote system and the wrapper
-- service installed. This is bad in practice, but significantly reduces the network traffic and makes analysis
-- easier.
---@args nocipher Set to 1 or true to disable the ciphering of the returned text (useful for debugging).
+--@args nocipher Set to disable the ciphering of the returned text (useful for debugging).
--@args key Script uses this value instead of a random encryption key (useful for debugging the crypto).
-----------------------------------------------------------------------
@@ -476,7 +476,7 @@ function cleanup(host, config)
stdnse.sleep(.01)
-- If the user doesn't want to clean up, don't
- if(nmap.registry.args.nocleanup == '1' or nmap.registry.args.nocleanup == "true") then
+ if(stdnse.get_script_args( "nocleanup" )) then
return
end
@@ -688,7 +688,7 @@ local function get_config(host, config)
local overrides = getfenv(file)["overrides"]
-- Generate a cipher key
- if(nmap.registry.args.nocipher == "1" or nmap.registry.args.nocipher == "true") then
+ if(stdnse.get_script_args( "nocipher" )) then
config.key = ""
elseif(nmap.registry.args.key) then
config.key = nmap.registry.args.key
@@ -940,7 +940,7 @@ local function get_overrides()
local attr = bit.bor(0x00000004,0x00000002,0x00000800,0x00000100,0x00002000,0x00004000)
-- Let the user override this behaviour
- if(nmap.registry.args.nohide == '1' or nmap.registry.args.nohide == 'true') then
+ if(stdnse.get_script_args( "nohide" )) then
attr = 0
end
@@ -1367,7 +1367,7 @@ and place it in nselib/data/psexec/ under the Nmap DATADIR.
cleanup(host, config)
-- If the user just wanted a cleanup, do it
- if(nmap.registry.args.cleanup == '1' or nmap.registry.args.cleanup == 'true') then
+ if(stdnse.get_script_args( "cleanup" )) then
return stdnse.format_output(true, "Cleanup complete.")
end