From 9ae7fb6a5dcc3fdc2748af17ae5a42f7c8ffa165 Mon Sep 17 00:00:00 2001
From: ron <ron@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Fri, 24 Sep 2010 03:42:38 +0000
Subject: [PATCH] Added the REQUEST_TARGET flag to the extended authentication
 packet. I have no clue what that flag does, and I can't find any
 documentation, but Nmap completely fails against Windows 7 unless it's set.

---
 nselib/smbauth.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nselib/smbauth.lua b/nselib/smbauth.lua
index 6542b4493..b4ee623ba 100644
--- a/nselib/smbauth.lua
+++ b/nselib/smbauth.lua
@@ -658,7 +658,7 @@ end
 function get_security_blob(security_blob, ip, username, domain, password, password_hash, hash_type)
 	local pos = 1
 	local new_blob
-	local flags = 0x00008211 -- (NEGOTIATE_SIGN_ALWAYS | NEGOTIATE_NTLM | NEGOTIATE_SIGN | NEGOTIATE_UNICODE)
+	local flags = 0x00008215 -- (NEGOTIATE_SIGN_ALWAYS | NEGOTIATE_NTLM | NEGOTIATE_SIGN | REQUEST_TARGET | NEGOTIATE_UNICODE)
 
 	if(security_blob == nil) then
 		-- If security_blob is nil, this is the initial packet