Remove trailing whitespace

2025-12-06 04:31:29 +00:00 · 2016-08-29 20:30:26 +00:00
parent 59d9e31ab2
commit 92f52de958
23 changed files with 176 additions and 176 deletions
--- a/nselib/bitcoin.lua
+++ b/nselib/bitcoin.lua
@@ -189,7 +189,7 @@ Request = {
    end,
   },
- 
+
  -- The pong message is sent in response to a ping message.
  Pong = {
    new = function(self)
@@ -207,7 +207,7 @@ Request = {
      return bin.pack("<IAII", magic, cmd, len, chksum)
    end,
- 
+
  }
 }
--- a/nselib/http.lua
+++ b/nselib/http.lua
@@ -1299,7 +1299,7 @@ function generic_request(host, port, method, path, options)
    local auth_blob = "NTLMSSP\x00" .. -- NTLM signature
    "\x01\x00\x00\x00" .. -- NTLM Type 1 message
-    bin.pack("<I", 0xa208b207) .. -- flags 56, 128, Version, Extended Security, Always Sign, Workstation supplied, Domain Supplied, NTLM Key, OEM, Unicode 
+    bin.pack("<I", 0xa208b207) .. -- flags 56, 128, Version, Extended Security, Always Sign, Workstation supplied, Domain Supplied, NTLM Key, OEM, Unicode
    bin.pack("<SSISSI",#workstation_name, #workstation_name, 40 + #hostname, #hostname, #hostname, 40) .. -- Supplied Domain and Workstation
    bin.pack("CC<S", -- OS version info
    5, 1, 2600) .. -- 5.1.2600
--- a/nselib/ldap.lua
+++ b/nselib/ldap.lua
@@ -366,7 +366,7 @@ function udpSearchRequest( host, port, params )
  local encoder = asn1.ASN1Encoder:new()
  local decoder = asn1.ASN1Decoder:new()
-  
+
  encoder:registerTagEncoders(tagEncoder)
  decoder:registerTagDecoders(tagDecoder)
--- a/nselib/snmp.lua
+++ b/nselib/snmp.lua
@@ -444,7 +444,7 @@ Helper = {
    self.__index = self
    o.host = host
    o.port = port
-    
+
    o.community = community or "public"
    if community == nil then
      local creds_store = creds.Credentials:new(creds.ALL_DATA, host, port)
@@ -461,7 +461,7 @@ Helper = {
      timeout = 5000,
      version = 0
    }
-    
+
    return o
  end,
@@ -558,7 +558,7 @@ Helper = {
    while ( snmpdata and snmpdata[1] and snmpdata[1][1] and snmpdata[1][2] ) do
      oid  = snmpdata[1][2]
      if not oid:match(base_oid) or base_oid == oid then break end
-      
+
      table.insert(snmp_table, { oid = oid, value = snmpdata[1][1] })
      local _ -- NSE don't want you to use global even if it is _
      _, snmpdata = self:getnext(options, oid)
--- a/nselib/sslcert.lua
+++ b/nselib/sslcert.lua
@@ -828,7 +828,7 @@ function getCertificate(host, port)
  local cert
-  -- If we don't already know the service is TLS wrapped check to see if we 
+  -- If we don't already know the service is TLS wrapped check to see if we
  -- have to use a wrapper and do a manual handshake
  local wrapper
  if not ( port.version.service_tunnel == 'ssl' ) then
@@ -899,9 +899,9 @@ function getCertificate(host, port)
      return false, "Unable to get cert"
    end
  else
-    -- If we don't already know the service is TLS wrapped check to see if 
+    -- If we don't already know the service is TLS wrapped check to see if
    -- there a specialized function for this port
-    local specialized 
+    local specialized
    if not ( port.version.service_tunnel == 'ssl' ) then
      specialized = SPECIALIZED_PREPARE_TLS[port.service] or SPECIALIZED_PREPARE_TLS[port.number]
    end
--- a/scripts/clamav-exec.nse
+++ b/scripts/clamav-exec.nse
@@ -1,5 +1,5 @@
 local shortport = require "shortport"
-local vulns = require "vulns" 
+local vulns = require "vulns"
 local nmap = require "nmap"
 local stdnse = require "stdnse"
 local table = require "table"
@@ -8,14 +8,14 @@ local string = require "string"
 local comm = require "comm"
 description = [[
-Exploits ClamAV servers vulnerable to unauthenticated clamav comand execution. 
+Exploits ClamAV servers vulnerable to unauthenticated clamav comand execution.
-ClamAV server 0.99.2, and possibly other previous versions, allow the execution 
+ClamAV server 0.99.2, and possibly other previous versions, allow the execution
-of dangerous service commands without authentication. Specifically, the command 'SCAN' 
+of dangerous service commands without authentication. Specifically, the command 'SCAN'
-may be used to list system files and the command 'SHUTDOWN' shut downs the 
+may be used to list system files and the command 'SHUTDOWN' shut downs the
 service. This vulnerability was discovered by Alejandro Hernandez (nitr0us).
-This script without arguments test the availability of the command 'SCAN'. 
+This script without arguments test the availability of the command 'SCAN'.
 Reference:
 * https://twitter.com/nitr0usmx/status/740673507684679680
@@ -23,38 +23,38 @@ Reference:
 ]]
 ---
-- @usage 
+-- @usage
 -- nmap -sV --script clamav-exec <target>
 -- nmap --script clamav-exec --script-args cmd='scan',scandb='files.txt' <target>
 -- nmap --script clamav-exec --script-args cmd='shutdown' <target>
-- 
+--
 -- @output
 -- PORT     STATE SERVICE VERSION
 -- 3310/tcp open  clam    ClamAV 0.99.2 (21714)
-- | clamav-exec: 
+-- | clamav-exec:
 -- |   VULNERABLE:
 -- |   ClamAV Remote Command Execution
 -- |     State: VULNERABLE
-- |       ClamAV 0.99.2, and possibly other previous versions, allow the execution of the 
+-- |       ClamAV 0.99.2, and possibly other previous versions, allow the execution of the
-- |       clamav commands SCAN and SHUTDOWN without authentication. The command 'SCAN' 
+-- |       clamav commands SCAN and SHUTDOWN without authentication. The command 'SCAN'
-- |       may be used to enumerate system files and the command 'SHUTDOWN' shut downs the 
+-- |       may be used to enumerate system files and the command 'SHUTDOWN' shut downs the
 -- |       service. This vulnerability was discovered by Alejandro Hernandez (nitr0us).
-- |       
+-- |
 -- |     Disclosure date: 2016-06-8
 -- |     Extra information:
 -- |       SCAN command is enabled.
 -- |     References:
 -- |       https://bugzilla.clamav.net/show_bug.cgi?id=11585
 -- |_      https://twitter.com/nitr0usmx/status/740673507684679680
-- @xmloutput 
+-- @xmloutput
 -- <table key="NMAP-1">
 -- <elem key="title">ClamAV Remote Command Execution</elem>
 -- <elem key="state">VULNERABLE</elem>
 -- <table key="description">
-- <elem>ClamAV 0.99.2, and possibly other previous versions, allow the execution 
+-- <elem>ClamAV 0.99.2, and possibly other previous versions, allow the execution
-- of the &#xa;clamav commands SCAN and SHUTDOWN without authentication. 
+-- of the &#xa;clamav commands SCAN and SHUTDOWN without authentication.
-- The command &apos;SCAN&apos; &#xa;may be used to enumerate system files and 
+-- The command &apos;SCAN&apos; &#xa;may be used to enumerate system files and
-- the command &apos;SHUTDOWN&apos; shut downs the &#xa;service. 
+-- the command &apos;SHUTDOWN&apos; shut downs the &#xa;service.
 -- This vulnerability was discovered by Alejandro Hernandez (nitr0us).&#xa;</elem>
 -- </table>
 -- <table key="dates">
@@ -75,7 +75,7 @@ Reference:
 -- </table>
 --
 -- @args clamav-exec.cmd Command to execute. Option: scan and shutdown
-- @args clamav-exec.scandb Database to file list. 
+-- @args clamav-exec.scandb Database to file list.
 ---
 author = "Paulino Calderon <calderon()websec.mx>"
@@ -112,7 +112,7 @@ local function scan(host, port, file)
      stdnse.debug1("SCAN command enabled.")
      return true, nil
    end
-  else 
+  else
    status, data = comm.exchange(host, port, "SCAN " .. file)
    if not status then
      stdnse.debug1("Failed to send 'SCAN %s' command:%s", file, data)
@@ -164,9 +164,9 @@ action = function(host, port)
    title = 'ClamAV Remote Command Execution',
    state = vulns.STATE.NOT_VULN,
    description = [[
-ClamAV 0.99.2, and possibly other previous versions, allow the execution of the 
+ClamAV 0.99.2, and possibly other previous versions, allow the execution of the
-clamav commands SCAN and SHUTDOWN without authentication. The command 'SCAN' 
+clamav commands SCAN and SHUTDOWN without authentication. The command 'SCAN'
-may be used to enumerate system files and the command 'SHUTDOWN' shut downs the 
+may be used to enumerate system files and the command 'SHUTDOWN' shut downs the
 service. This vulnerability was discovered by Alejandro Hernandez (nitr0us).
 ]],
    references = {
@@ -205,10 +205,10 @@ service. This vulnerability was discovered by Alejandro Hernandez (nitr0us).
  elseif cmd == "shutdown" then
    status = shutdown(host, port)
    if status then
-      vuln.extra_info = "SHUTDOWN command sent succesfully."  
+      vuln.extra_info = "SHUTDOWN command sent succesfully."
      vuln.state = vulns.STATE.VULN
    end
-  else 
+  else
    status, files = scan(host, port, nil)
    if status then
      vuln.extra_info = "SCAN command is enabled."
--- a/scripts/hnap-info.nse
+++ b/scripts/hnap-info.nse
@@ -7,7 +7,7 @@ local nmap = require "nmap"
 description = [[
 Retrieve hardwares details and configuration information utilizing HNAP, the "Home Network Administration Protocol".
-It is an HTTP-Simple Object Access Protocol (SOAP)-based protocol which allows for remote topology discovery, 
+It is an HTTP-Simple Object Access Protocol (SOAP)-based protocol which allows for remote topology discovery,
 configuration, and management of devices (routers, cameras, PCs, NAS, etc.)]]
 ---
@@ -17,7 +17,7 @@ configuration, and management of devices (routers, cameras, PCs, NAS, etc.)]]
 -- @output
 -- PORT     STATE SERVICE    REASON
 -- 8080/tcp open  http-proxy syn-ack
-- | hnap-info: 
+-- | hnap-info:
 -- |   Type: GatewayWithWiFi
 -- |   Device: Ingraham
 -- |   Vendor: Linksys
@@ -25,7 +25,7 @@ configuration, and management of devices (routers, cameras, PCs, NAS, etc.)]]
 -- |   Model: E1200
 -- |   Firmware: 1.0.00 build 11
 -- |   Presentation URL: http://192.168.1.1/
-- |   SOAPACTIONS: 
+-- |   SOAPACTIONS:
 -- |     http://purenetworks.com/HNAP1/IsDeviceReady
 -- |     http://purenetworks.com/HNAP1/GetDeviceSettings
 -- |     http://purenetworks.com/HNAP1/SetDeviceSettings
@@ -104,10 +104,10 @@ function action (host, port)
      closeElement = function(name) parser._call.text = function() return nil end end
    }
    parser:parseSAX(response.body, {stripWhitespace=true})
-    
+
    -- exit if the parser does not return output
    if not next(output) then return nil end
-    
+
    -- set the port verson
    port.version.name = "hnap"
    port.version.name_confidence = 10
--- a/scripts/http-aspnet-debug.nse
+++ b/scripts/http-aspnet-debug.nse
@@ -1,60 +1,60 @@
-local http = require "http"
+local http = require "http"
-local shortport = require "shortport"
+local shortport = require "shortport"
-local stdnse = require "stdnse"
+local stdnse = require "stdnse"
-
+
-description =  [[
+description =  [[
-Determines if a ASP.NET application has debugging enabled using a HTTP DEBUG request.
+Determines if a ASP.NET application has debugging enabled using a HTTP DEBUG request.
-
+
-The HTTP DEBUG verb is used within ASP.NET applications to start/stop remote 
+The HTTP DEBUG verb is used within ASP.NET applications to start/stop remote
-debugging sessions. The script sends a 'stop-debug' command to determine the 
+debugging sessions. The script sends a 'stop-debug' command to determine the
-application's current configuration state but access to RPC services is required
+application's current configuration state but access to RPC services is required
- to interact with the debugging session. The request does not change the 
+ to interact with the debugging session. The request does not change the
-application debugging configuration.
+application debugging configuration.
-]]
+]]
-
+
---
+---
-- @usage nmap --script http-debug <target>
+-- @usage nmap --script http-debug <target>
-- @usage nmap --script http-debug --script-args http-aspnet-debug.path=/path <target>
+-- @usage nmap --script http-debug --script-args http-aspnet-debug.path=/path <target>
--
+--
-- @args http-debug.path Path to URI. Default: /
+-- @args http-debug.path Path to URI. Default: /
--
+--
-- @output
+-- @output
-- 80/tcp open  http    syn-ack
+-- 80/tcp open  http    syn-ack
-- | http-aspnet-debug: 
+-- | http-aspnet-debug:
-- |_  status: DEBUG is enabled
+-- |_  status: DEBUG is enabled
--
+--
-- @xmloutput
+-- @xmloutput
-- <elem key="status">DEBUG is enabled</elem>
+-- <elem key="status">DEBUG is enabled</elem>
---
+---
-
+
-author = "Josh Amishav-Zlatin"
+author = "Josh Amishav-Zlatin"
-license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
-categories = { "vuln", "discovery" } 
+categories = { "vuln", "discovery" }
-
+
-portrule = shortport.http
+portrule = shortport.http
-
+
-local function generate_http_debug_req(host, port, path)
+local function generate_http_debug_req(host, port, path)
-  local status = false 
+  local status = false
-  local options = {header={}}
+  local options = {header={}}
-  options["header"]["Command"] = "stop-debug"
+  options["header"]["Command"] = "stop-debug"
-  options["redirect_ok"] = 2
+  options["redirect_ok"] = 2
-
+
-  -- send DEBUG request with stop-debug command
+  -- send DEBUG request with stop-debug command
-  local req = http.generic_request(host, port, "DEBUG", path, options)
+  local req = http.generic_request(host, port, "DEBUG", path, options)
-
+
-  stdnse.debug1("Response body: %s", req.body )
+  stdnse.debug1("Response body: %s", req.body )
-  if req.body:match("OK") then
+  if req.body:match("OK") then
-    status = true
+    status = true
-  end
+  end
-  return status
+  return status
-end
+end
-
+
-action = function(host, port)
+action = function(host, port)
-  local output = stdnse.output_table()
+  local output = stdnse.output_table()
-  local path = stdnse.get_script_args(SCRIPT_NAME .. ".path") or "/"
+  local path = stdnse.get_script_args(SCRIPT_NAME .. ".path") or "/"
-  local status = generate_http_debug_req(host, port, path)
+  local status = generate_http_debug_req(host, port, path)
-  if status then
+  if status then
-    output.status = "DEBUG is enabled"
+    output.status = "DEBUG is enabled"
-    return output
+    return output
-  end
+  end
-end
+end
--- a/scripts/http-backup-finder.nse
+++ b/scripts/http-backup-finder.nse
@@ -96,7 +96,7 @@ action = function(host, port)
  -- Check if we can use HEAD requests
  local use_head = http.can_use_head(host, port, result_404)
-  
+
  local backups = {}
  while(true) do
    local status, r = crawler:crawl()
@@ -141,7 +141,7 @@ action = function(host, port)
        else
          response = http.get(host, port, escaped_link, {redirect_ok=false})
        end
-        
+
        if http.page_exists(response, result_404, known_404, escaped_link, false) then
          if ( not(parsed.port) ) then
            table.insert(backups,
--- a/scripts/http-brute.nse
+++ b/scripts/http-brute.nse
@@ -22,8 +22,8 @@ the creds library, for other scripts to use.
 -- @output
 -- PORT     STATE SERVICE REASON
 -- 80/tcp   open  http    syn-ack
-- | http-brute: 
+-- | http-brute:
-- |   Accounts: 
+-- |   Accounts:
 -- |     user:user - Valid credentials
 -- |_  Statistics: Performed 123 guesses in 1 seconds, average tps: 123
 --
--- a/scripts/http-cross-domain-policy.nse
+++ b/scripts/http-cross-domain-policy.nse
@@ -32,7 +32,7 @@ References:
 -- @output
 -- PORT   STATE SERVICE REASON
 -- 8080/tcp open  http-proxy syn-ack
-- | http-crossdomainxml-slaxml: 
+-- | http-crossdomainxml-slaxml:
 -- |   VULNERABLE:
 -- |   Cross-domain policy file (crossdomain.xml)
 -- |     State: VULNERABLE
--- a/scripts/http-form-fuzzer.nse
+++ b/scripts/http-form-fuzzer.nse
@@ -130,7 +130,7 @@ local function fuzz_form(form, minlen, maxlen, host, port, path)
  else
    sending_function = function(data) return http.get(host, port, form_submission_path.."?"..url.build_query(data), {no_cache=true, bypass_cache=true}) end
  end
-  
+
  local function fuzz_field(field)
    local affected_string = {}
    local affected_int = {}
@@ -138,14 +138,14 @@ local function fuzz_form(form, minlen, maxlen, host, port, path)
    for i=minlen,maxlen do -- maybe a better idea would be to increment the string's length by more then 1 in each step
      local response_string
      local response_number
-      
+
      --first try to fuzz with a string
      postdata[field["name"]] = stdnse.generate_random_string(i, charset)
      response_string = sending_function(postdata)
      --then with a number
      postdata[field["name"]] = stdnse.generate_random_string(i, charset_number)
      response_number = sending_function(postdata)
-      
+
      if check_response(response_string) then
        affected_string[#affected_string+1]=i
      elseif request_too_big(response_string) then
--- a/scripts/http-grep.nse
+++ b/scripts/http-grep.nse
@@ -22,15 +22,15 @@ The script searches for email and ip by default.
 -- @output
 -- PORT   STATE SERVICE REASON
 -- 80/tcp open  http    syn-ack
-- | http-grep: 
+-- | http-grep:
-- |   (1) http://nmap.org/book/man-bugs.html: 
+-- |   (1) http://nmap.org/book/man-bugs.html:
-- |     (1) email: 
+-- |     (1) email:
 -- |       + dev@nmap.org
-- |   (1) http://nmap.org/book/install.html: 
+-- |   (1) http://nmap.org/book/install.html:
-- |     (1) email: 
+-- |     (1) email:
 -- |       + fyodor@nmap.org
-- |   (16) http://nmap.org/changelog.html: 
+-- |   (16) http://nmap.org/changelog.html:
-- |     (7) ip: 
+-- |     (7) ip:
 -- |       + 255.255.255.255
 -- |       + 10.99.24.140
 -- |       + 74.125.53.103
@@ -38,7 +38,7 @@ The script searches for email and ip by default.
 -- |       + 203.65.42.255
 -- |       + 192.31.33.7
 -- |       + 168.0.40.135
-- |     (9) email: 
+-- |     (9) email:
 -- |       + d1n@inbox.com
 -- |       + fyodor@insecure.org
 -- |       + uce@ftc.gov
@@ -48,8 +48,8 @@ The script searches for email and ip by default.
 -- |       + president@whitehouse.gov
 -- |       + haesslich@loyalty.org
 -- |       + rchong@fcc.gov
-- |   (6) http://nmap.org/5/#5changes: 
+-- |   (6) http://nmap.org/5/#5changes:
-- |     (6) ip: 
+-- |     (6) ip:
 -- |       + 207.68.200.30
 -- |       + 64.13.134.52
 -- |       + 4.68.105.6
--- a/scripts/http-internal-ip-disclosure.nse
+++ b/scripts/http-internal-ip-disclosure.nse
@@ -20,7 +20,7 @@ versions of Microsoft IIS, but affects other web servers as well.
 --
 -- @output
 -- 80/tcp open  http    syn-ack
-- | http-internal-ip-disclosure: 
+-- | http-internal-ip-disclosure:
 -- |_  Internal IP Leaked: 10.0.0.2
 --
 -- @xmloutput
@@ -29,7 +29,7 @@ versions of Microsoft IIS, but affects other web servers as well.
 author = "Josh Amishav-Zlatin"
 license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
-categories = { "vuln", "discovery", "safe" } 
+categories = { "vuln", "discovery", "safe" }
 portrule = shortport.http
@@ -81,7 +81,7 @@ action = function(host, port)
  end
  if IP then
-    output["Internal IP Leaked"] = IP 
+    output["Internal IP Leaked"] = IP
    return output
  end
 end
--- a/scripts/http-webdav-scan.nse
+++ b/scripts/http-webdav-scan.nse
@@ -27,12 +27,12 @@ This script takes inspiration from the various scripts listed here:
 -- @output
 -- PORT     STATE SERVICE
 -- 8008/tcp open  http
-- | http-webdav-scan: 
+-- | http-webdav-scan:
 -- |   Allowed Methods: GET, HEAD, COPY, MOVE, POST, PUT, PROPFIND, PROPPATCH, OPTIONS, MKCOL, DELETE, TRACE, REPORT
 -- |   Server Type: DAV/0.9.8 Python/2.7.6
 -- |   Server Date: Fri, 22 May 2015 19:28:00 GMT
 -- |   WebDAV type: unkown
-- |   Directory Listing: 
+-- |   Directory Listing:
 -- |     http://localhosft
 -- |     http://localhost:8008/WebDAVTest_b1tqTWeyRR
 -- |     http://localhost:8008/WebDAVTest_A0QWJb7hcK
--- a/scripts/http-wordpress-enum.nse
+++ b/scripts/http-wordpress-enum.nse
@@ -188,7 +188,7 @@ action = function(host, port)
    stdnse.debug1("Exiting due to ambiguous response from web server on %s:%s. All URIs return status 200.", host.ip, port.number)
    return nil
  end
-  
+
  -- search the website root for evidences of a Wordpress path
  if not wp_root then
    local target_index = http.get(host,port, "/")
--- a/scripts/ip-geolocation-maxmind.nse
+++ b/scripts/ip-geolocation-maxmind.nse
@@ -597,7 +597,7 @@ action = function(host,port)
  if f_maxmind then
    gi = assert( GeoIP:new(f_maxmind), "Wrong file specified for a Maxmind database")
  else
-    gi = assert( GeoIP:new(nmap.fetchfile("nselib/data/GeoLiteCity.dat")), 
+    gi = assert( GeoIP:new(nmap.fetchfile("nselib/data/GeoLiteCity.dat")),
                 "Cannot read GeoLiteCity.dat in 'nselib/data/'. Download the database from http://dev.maxmind.com/geoip/legacy/geolite/.")
  end
  local out = gi:output_record_by_addr(host.ip)
--- a/scripts/smb-vuln-conficker.nse
+++ b/scripts/smb-vuln-conficker.nse
@@ -7,7 +7,7 @@ local table = require "table"
 local vulns = require "vulns"
 description = [[
-Detects Microsoft Windows systems infected by the Conficker worm. This check is dangerous and 
+Detects Microsoft Windows systems infected by the Conficker worm. This check is dangerous and
 it may crash systems.
 Based loosely on the Simple Conficker Scanner, found here:
@@ -21,7 +21,7 @@ This check was previously part of smb-check-vulns.
 -- nmap -sU --script smb-vuln-conficker.nse -p T:139 <host>
 --
 --@output
--| smb-vuln-conficker: 
+--| smb-vuln-conficker:
 --|   VULNERABLE:
 --|   Microsoft Windows system infected by Conficker
 --|     State: VULNERABLE
--- a/scripts/smb-vuln-cve2009-3103.nse
+++ b/scripts/smb-vuln-cve2009-3103.nse
@@ -11,8 +11,8 @@ Detects Microsoft Windows systems vulnerable to denial of service (CVE-2009-3103
 This script will crash the service if it is vulnerable.
 The script performs a denial-of-service against the vulnerability disclosed in
-CVE-2009-3103. This works against Windows Vista and some versions of Windows 7, 
+CVE-2009-3103. This works against Windows Vista and some versions of Windows 7,
-and causes a bluescreen if successful. The proof-of-concept code at 
+and causes a bluescreen if successful. The proof-of-concept code at
 http://seclists.org/fulldisclosure/2009/Sep/39 was used, with one small change.
 This check was previously part of smb-check-vulns.
@@ -25,17 +25,17 @@ This check was previously part of smb-check-vulns.
 --
 --@output
 --Host script results:
--| smb-vuln-cve2009-3103: 
+--| smb-vuln-cve2009-3103:
 --|   VULNERABLE:
 --|   SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)
 --|     State: VULNERABLE
 --|     IDs:  CVE:CVE-2009-3103
--|           Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, 
+--|           Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2,
--|           Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a 
+--|           Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a
--|           denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE 
+--|           denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE
--|           PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, 
+--|           PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location,
 --|           aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information.
--|           
+--|
 --|     Disclosure date: 2009-09-08
 --|     References:
 --|       http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3103
@@ -147,11 +147,11 @@ action = function(host)
    title = 'SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)',
    state = vulns.STATE.NOT_VULN,
    description = [[
-    Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, 
+    Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2,
-    Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a 
+    Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a
-    denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE 
+    denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE
-    PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, 
+    PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location,
-    aka "SMBv2 Negotiation Vulnerability." 
+    aka "SMBv2 Negotiation Vulnerability."
    ]],
    IDS = {CVE = 'CVE-2009-3103'},
    references = {
--- a/scripts/smb-vuln-ms06-025.nse
+++ b/scripts/smb-vuln-ms06-025.nse
@@ -29,15 +29,15 @@ This script was previously part of smb-check-vulns.
 -- nmap -sU --script smb-vuln-ms06-025.nse -p U:137,T:139 <host>
 --
 --@output
--| smb-vuln-ms06-025: 
+--| smb-vuln-ms06-025:
 --|   VULNERABLE:
 --|   RRAS Memory Corruption vulnerability (MS06-025)
 --|     State: VULNERABLE
 --|     IDs:  CVE:CVE-2006-2370
--|           A buffer overflow vulnerability in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 
+--|           A buffer overflow vulnerability in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1
--|           and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to 
+--|           and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to
 --|           execute arbitrary code via certain crafted "RPC related requests" aka the "RRAS Memory Corruption Vulnerability."
--|           
+--|
 --|     Disclosure date: 2006-6-27
 --|     References:
 --|       https://technet.microsoft.com/en-us/library/security/ms06-025.aspx
@@ -129,8 +129,8 @@ action = function(host)
    title = 'RRAS Memory Corruption vulnerability (MS06-025)',
    state = vulns.STATE.NOT_VULN,
    description = [[
-    A buffer overflow vulnerability in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 
+    A buffer overflow vulnerability in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1
-    and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to 
+    and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to
    execute arbitrary code via certain crafted "RPC related requests" aka the "RRAS Memory Corruption Vulnerability."
    ]],
    IDS = {CVE = 'CVE-2006-2370'},
--- a/scripts/smb-vuln-ms07-029.nse
+++ b/scripts/smb-vuln-ms07-029.nse
@@ -9,11 +9,11 @@ local vulns = require "vulns"
 description = [[
 Detects Microsoft Windows systems with Dns Server RPC vulnerable to MS07-029.
-MS07-029 targets the <code>R_DnssrvQuery()</code> and <code>R_DnssrvQuery2()</code> 
+MS07-029 targets the <code>R_DnssrvQuery()</code> and <code>R_DnssrvQuery2()</code>
-RPC method which isa part of DNS Server RPC interface that serves as a RPC service 
+RPC method which isa part of DNS Server RPC interface that serves as a RPC service
-for configuring and getting information from the DNS Server service. 
+for configuring and getting information from the DNS Server service.
-DNS Server RPC service can be accessed using "\dnsserver" SMB named pipe. 
+DNS Server RPC service can be accessed using "\dnsserver" SMB named pipe.
-The vulnerability is triggered when a long string is send as the "zone" parameter 
+The vulnerability is triggered when a long string is send as the "zone" parameter
 which causes the buffer overflow which crashes the service.
 This check was previously part of smb-check-vulns.
@@ -25,15 +25,15 @@ This check was previously part of smb-check-vulns.
 --
 --@output
 --Host script results:
--| smb-vuln-ms07-029: 
+--| smb-vuln-ms07-029:
 --|   VULNERABLE:
 --|   Windows DNS RPC Interface Could Allow Remote Code Execution (MS07-029)
 --|     State: VULNERABLE
 --|     IDs:  CVE:CVE-2007-1748
--|           A stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in 
+--|           A stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in
--|           Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to 
+--|           Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to
 --|           execute arbitrary code via a long zone name containing character constants represented by escape sequences.
--|           
+--|
 --|     Disclosure date: 2007-06-06
 --|     References:
 --|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1748
@@ -119,8 +119,8 @@ action = function(host)
    title = 'Windows DNS RPC Interface Could Allow Remote Code Execution (MS07-029)',
    state = vulns.STATE.NOT_VULN,
    description = [[
-    A stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in 
+    A stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in
-    Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to 
+    Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to
    execute arbitrary code via a long zone name containing character constants represented by escape sequences.
    ]],
    IDS = {CVE = 'CVE-2007-1748'},
--- a/scripts/smb-vuln-ms08-067.nse
+++ b/scripts/smb-vuln-ms08-067.nse
@@ -7,12 +7,12 @@ local table = require "table"
 local vulns = require "vulns"
 description = [[
-Detects Microsoft Windows systems vulnerable to the remote code execution vulnerability 
+Detects Microsoft Windows systems vulnerable to the remote code execution vulnerability
 known as MS08-067. This check is dangerous and it may crash systems.
 On a fairly wide scan conducted by Brandon Enright, we determined
 that on average, a vulnerable system is more likely to crash than to survive
-the check. Out of 82 vulnerable systems, 52 crashed. 
+the check. Out of 82 vulnerable systems, 52 crashed.
 Please consider this before running the script.
 This check was previously part of smb-check-vulns.nse.
@@ -23,15 +23,15 @@ This check was previously part of smb-check-vulns.nse.
 -- nmap -sU --script smb-vuln-ms08-067.nse -p U:137 <host>
 --
 --@output
--| smb-vuln-ms08-067: 
+--| smb-vuln-ms08-067:
 --|   VULNERABLE:
 --|   Microsoft Windows system vulnerable to remote code execution (MS08-067)
 --|     State: VULNERABLE
 --|     IDs:  CVE:CVE-2008-4250
--|           The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, 
+--|           The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2,
--|           Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary 
+--|           Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary
 --|           code via a crafted RPC request that triggers the overflow during path canonicalization.
--|           
+--|
 --|     Disclosure date: 2008-10-23
 --|     References:
 --|       https://technet.microsoft.com/en-us/library/security/ms08-067.aspx
@@ -75,7 +75,7 @@ local INFECTED   = 5
 --@param host The host object.
 --@return (status, result) If status is false, result is an error code; otherwise, result is either
 --        <code>VULNERABLE</code> for vulnerable, <code>PATCHED</code> for not vulnerable,
--        <code>UNKNOWN</code> if there was an error (likely vulnerable), 
+--        <code>UNKNOWN</code> if there was an error (likely vulnerable),
 --        and <code>INFECTED</code> if it was patched by Conficker.
 function check_ms08_067(host)
  local status, smbstate
@@ -125,8 +125,8 @@ action = function(host)
    title = 'Microsoft Windows system vulnerable to remote code execution (MS08-067)',
    state = vulns.STATE.NOT_VULN,
    description = [[
-    The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, 
+    The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2,
-    Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary 
+    Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary
    code via a crafted RPC request that triggers the overflow during path canonicalization.
    ]],
    IDS = {CVE = 'CVE-2008-4250'},
--- a/scripts/smb-vuln-regsvc-dos.nse
+++ b/scripts/smb-vuln-regsvc-dos.nse
@@ -7,11 +7,11 @@ local table = require "table"
 local vulns = require "vulns"
 description = [[
-Checks if a Microsoft Windows 2000 system is vulnerable to a crash in regsvc caused by a null pointer 
+Checks if a Microsoft Windows 2000 system is vulnerable to a crash in regsvc caused by a null pointer
-dereference. This check will crash the service if it is vulnerable and requires a guest account or 
+dereference. This check will crash the service if it is vulnerable and requires a guest account or
 higher to work.
-The vulnerability was discovered by Ron Bowes while working on <code>smb-enum-sessions</code> and 
+The vulnerability was discovered by Ron Bowes while working on <code>smb-enum-sessions</code> and
 was reported to Microsoft (Case #MSRC8742).
 This check was previously part of smb-check-vulns.
@@ -22,14 +22,14 @@ This check was previously part of smb-check-vulns.
 -- nmap -sU --script smb-vuln-regsvc-dos.nse -p U:137,T:139 <host>
 --
 --@output
--| smb-vuln-regsvc-dos: 
+--| smb-vuln-regsvc-dos:
 --|   VULNERABLE:
 --|   Service regsvc in Microsoft Windows systems vulnerable to denial of service
 --|     State: VULNERABLE
--|       The service regsvc in Microsoft Windows 2000 systems is vulnerable to denial of service caused by a null deference 
+--|       The service regsvc in Microsoft Windows 2000 systems is vulnerable to denial of service caused by a null deference
--|       pointer. This script will crash the service if it is vulnerable. This vulnerability was discovered by Ron Bowes 
+--|       pointer. This script will crash the service if it is vulnerable. This vulnerability was discovered by Ron Bowes
 --|       while working on smb-enum-sessions.
--|_          
+--|_
 ---
 author = {"Ron Bowes", "Jiayi Ye", "Paulino Calderon <calderon()websec.mx>"}
@@ -62,7 +62,7 @@ local PATCHED    = 2
 --
 --@param host The host object.
 --@return (status, result) If status is false, result is an error code; otherwise, result is either
--        <code>VULNERABLE</code> for vulnerable or <code>PATCHED</code> for not vulnerable. 
+--        <code>VULNERABLE</code> for vulnerable or <code>PATCHED</code> for not vulnerable.
 function check_winreg_Enum_crash(host)
  local i, j
  local elements = {}
@@ -107,8 +107,8 @@ action = function(host)
    title = 'Service regsvc in Microsoft Windows systems vulnerable to denial of service',
    state = vulns.STATE.NOT_VULN,
    description = [[
-The service regsvc in Microsoft Windows 2000 systems is vulnerable to denial of service caused by a null deference 
+The service regsvc in Microsoft Windows 2000 systems is vulnerable to denial of service caused by a null deference
-pointer. This script will crash the service if it is vulnerable. This vulnerability was discovered by Ron Bowes 
+pointer. This script will crash the service if it is vulnerable. This vulnerability was discovered by Ron Bowes
 while working on smb-enum-sessions.
    ]]
  }