mirror of https://github.com/nmap/nmap.git synced 2025-12-08 05:31:31 +00:00

Add a new msrpc.lua module, plus new scripts smb-enumdomains.nse,
smb-enumshares.nse, and smb-enumusers.nse. Also enhance the netbios.lua and
smb.lua modules. Remove the smb-enum.nse script. All these changes are from Ron
Bowes.
david
2008-10-04 21:58:39 +00:00
parent 13663fb649
commit ae7455279e
12 changed files with 3463 additions and 310 deletions


@@ -1,25 +1,25 @@
--- Returns information about the SMB security level determined by SMB.
--
-- Here is how to interpret the output:
--
--- Returns information about the SMB security level determined by SMB. \n
--\n
-- Here is how to interpret the output:\n
--\n
-- User-level security: Each user has a separate username/password that is used
-- to log into the system. This is the default setup of pretty much everything
-- these days.
-- these days. \n
-- Share-level security: The anonymous account should be used to log in, then
-- the password is given (in plaintext) when a share is accessed. All users who
-- have access to the share use this password. This was the original way of doing
-- things, but isn't commonly seen, now. If a server uses share-level security,
-- it is vulnerable to sniffing.
--
-- it is vulnerable to sniffing. \n
--\n
-- Challenge/response passwords: If enabled, the server can accept any type of
-- password:
-- * Plaintext
-- * LM and NTLM
-- * LMv2 and NTLMv2
-- password:\n
-- * Plaintext\n
-- * LM and NTLM\n
-- * LMv2 and NTLMv2\n
-- If it isn't set, the server can only accept plaintext passwords. Most servers
-- are configured to use challenge/response these days. If a server is configured
-- to accept plaintext passwords, it is vulnerable to sniffing.
--
-- to accept plaintext passwords, it is vulnerable to sniffing. \n
--\n
-- Message signing: If required, all messages between the client and server must
-- sign be signed by a shared key, derived from the password and the server
-- challenge. If supported and not required, message signing is negotiated between
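Review bot: The message-signing paragraph at the end of this hunk still reads "all messages between the client and server must sign be signed by a shared key"; since the comment block is being rewritten anyway, drop the stray "sign" so the sentence reads "must be signed by a shared key". The `\n` markers are also applied in two forms: `SMB. \n`, `these days. \n` and `sniffing. \n` put a space before the marker, while `output:\n`, `password:\n` and the three bullet lines do not. Pick one form so the comment source stays free of trailing whitespace differences. Note too that the "User-level security" and "Share-level security" paragraphs only get a marker on their last line, so if the intent is a forced line break per item, check that the "Message signing" paragraph, which continues into the next hunk, ends the same way.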
@@ -27,18 +27,18 @@
-- don't sign messages, so if message signing isn't required by the server, messages
-- probably won't be signed; additionally, if performing a man-in-the-middle attack,
-- an attacker can negotiate no message signing. If message signing isn't required, the
-- server is vulnerable to man-in-the-middle attacks.
--
-- See nselib/smb.lua for more information on the protocol itself.
--
-- server is vulnerable to man-in-the-middle attacks. \n
-- \n
-- See nselib/smb.lua for more information on the protocol itself. \n
--\n
--@usage
-- nmap --script smb-security-mode.nse -p445 127.0.0.1\n
-- sudo nmap -sU -sS --script smb-security-mode.nse -p U:137,T:139 127.0.0.1\n
--
--@output
-- | SMB Security: User-level authentication
-- | SMB Security: Challenge/response passwords supported
-- |_ SMB Security: Message signing supported
-- | SMB Security: User-level authentication\n
-- | SMB Security: Challenge/response passwords supported\n
-- |_ SMB Security: Message signing supported\n
--
-----------------------------------------------------------------------
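Review bot: The blank comment line after the man-in-the-middle sentence becomes `-- \n` (with a space), while every other blank line touched by this change is `--\n`; make it `--\n` for consistency. The bare `--` lines before `--@output` and after the sample output are left without a marker, so the `@usage` and `@output` blocks now mix both styles; either add the marker there or state why those lines are exempt. The three sample lines under `--@output` now end in a literal `\n`, which a reader may take as part of what the script prints, so consider keeping the sample output verbatim. Finally, the commit message describes a new module and new scripts but says nothing about this comment-only reformatting; mention it in the message or split it into its own commit so the functional change is easier to audit.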