mirror of https://github.com/nmap/nmap.git synced 2025-12-21 23:19:03 +00:00

Leverage ftp and comm libs in sslcert.lua

This should result in faster (comm.lua's timeouts) and more reliable
(ftp.lua's response processing) STARTTLS for FTP
dmiller
2014-09-24 20:31:45 +00:00
parent 278450ce94
commit 3e2ac00e55


@@ -19,6 +19,8 @@
local asn1 = require "asn1" local asn1 = require "asn1"
local bin = require "bin" local bin = require "bin"
local comm = require "comm"
local ftp = require "ftp"
local ldap = require "ldap" local ldap = require "ldap"
local nmap = require "nmap" local nmap = require "nmap"
local stdnse = require "stdnse" local stdnse = require "stdnse"
@@ -31,41 +33,31 @@ StartTLS = {
-- TODO: Implement STARTTLS for NNTP -- TODO: Implement STARTTLS for NNTP
ftp_prepare_tls_without_reconnect = function(host, port) ftp_prepare_tls_without_reconnect = function(host, port)
local s = nmap.new_socket()
-- Attempt to negotiate TLS over FTP for services that support it -- Attempt to negotiate TLS over FTP for services that support it
-- Works for FTP (21) -- Works for FTP (21)
-- Open a standard TCP socket -- Open a standard TCP socket
local status, error = s:connect(host, port, "tcp") local s, err = comm.opencon(host, port)
local result if not s then
if not status then return false, string.format("Failed to connect to FTP server: %s", err)
return false, "Failed to connect to FTP server" end
else local buf = stdnse.make_buffer(s, "\r?\n")
-- Loop until the service presents a banner to deal with server local code, result = ftp.read_reply(buf)
-- load and timing issues. There may be a better way to handle this. if code ~= 220 then
local i = 0 return false, string.format("FTP protocol error: %s", code or result)
repeat end
status, result = s:receive_lines(1)
i = i + 1
until string.match(result, "^220") or i == 5
-- Send AUTH TLS command, ask the service to start encryption -- Send AUTH TLS command, ask the service to start encryption
local query = "AUTH TLS\r\n" s:send("AUTH TLS\r\n")
status = s:send(query) code, result = ftp.read_reply(buf)
status, result = s:receive_lines(1) if code ~= 234 then
if not (string.match(result, "^234")) then
stdnse.debug1("%s",result)
stdnse.debug1("AUTH TLS failed or unavailable. Enable --script-trace to see what is happening.") stdnse.debug1("AUTH TLS failed or unavailable. Enable --script-trace to see what is happening.")
-- Send QUIT to clean up server side connection -- Send QUIT to clean up server side connection
local query = "QUIT\r\n" s:send("QUIT\r\n")
status = s:send(query)
result = ""
return false, "Failed to connect to FTP server" return false, string.format("FTP AUTH TLS error: %s", code or result)
end
end end
-- Should have a solid TLS over FTP session now... -- Should have a solid TLS over FTP session now...
return true, s return true, s
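Review bot: Both new failure returns in `ftp_prepare_tls_without_reconnect` leave the socket from `comm.opencon` open. The `code ~= 220` branch returns immediately, and the `code ~= 234` branch sends `QUIT` but never closes `s`. I would add `s:close()` before each `return false, ...`, which matches the handshake-failure path in the next hunk that does call `s:close()`. Against a host that is slow or that never completes the FTP dialogue, unclosed sockets stay allocated until they are garbage-collected, which matters when many targets are scanned in parallel. The return values of `s:send("AUTH TLS\r\n")` are also ignored, so a send failure is only reported indirectly through the following `ftp.read_reply(buf)` error; checking it would give a clearer message. The function's closing lines lie outside this hunk.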
@@ -79,7 +71,7 @@ StartTLS = {
if not status then if not status then
stdnse.debug1("Could not establish SSL session after STARTTLS command.") stdnse.debug1("Could not establish SSL session after STARTTLS command.")
s:close() s:close()
return false, "Failed to connect to SMTP server" return false, "Failed to connect to FTP server"
else else
return true, s return true, s
end end