PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

Fixes issue when parsing NTLM headers. Closes #922

Browse Source
This commit is contained in:
paulino
2017-09-25 04:28:12 +00:00
parent c7c92f4529
commit 86ef024038
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/http-ntlm-info.nse
View File

@@ -78,10 +78,10 @@ action = function(host, port)
local recvtime = os.time() local recvtime = os.time()
-- Continue only if correct header (www-authenticate) and NTLM response are included -- Continue only if correct header (www-authenticate) and NTLM response are included
if response.header["www-authenticate"] and string.match(response.header["www-authenticate"], "NTLM (.*)") then if response.header["www-authenticate"] and string.match(response.header["www-authenticate"], "NTLM ([a-zA-Z0-9///+=]*)") then
-- Extract NTLMSSP response and base64 decode -- Extract NTLMSSP response and base64 decode
local data = base64.dec(string.match(response.header["www-authenticate"], "NTLM (.*)")) local data = base64.dec(string.match(response.header["www-authenticate"], "NTLM ([a-zA-Z0-9///+=]*)"))
-- Leverage smbauth.get_host_info_from_security_blob() for decoding -- Leverage smbauth.get_host_info_from_security_blob() for decoding
local ntlm_decoded = smbauth.get_host_info_from_security_blob(data) local ntlm_decoded = smbauth.get_host_info_from_security_blob(data)