From 86ef024038d430f693c181763e2137edec4b0185 Mon Sep 17 00:00:00 2001 From: paulino Date: Mon, 25 Sep 2017 04:28:12 +0000 Subject: [PATCH] Fixes issue when parsing NTLM headers. Closes #922 --- scripts/http-ntlm-info.nse | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/http-ntlm-info.nse b/scripts/http-ntlm-info.nse index 440634096..0147910b5 100644 --- a/scripts/http-ntlm-info.nse +++ b/scripts/http-ntlm-info.nse @@ -78,10 +78,10 @@ action = function(host, port) local recvtime = os.time() -- Continue only if correct header (www-authenticate) and NTLM response are included - if response.header["www-authenticate"] and string.match(response.header["www-authenticate"], "NTLM (.*)") then + if response.header["www-authenticate"] and string.match(response.header["www-authenticate"], "NTLM ([a-zA-Z0-9///+=]*)") then -- Extract NTLMSSP response and base64 decode - local data = base64.dec(string.match(response.header["www-authenticate"], "NTLM (.*)")) + local data = base64.dec(string.match(response.header["www-authenticate"], "NTLM ([a-zA-Z0-9///+=]*)")) -- Leverage smbauth.get_host_info_from_security_blob() for decoding local ntlm_decoded = smbauth.get_host_info_from_security_blob(data)