o [NSE] Added GIOP library and a small script that makes use of it:

- giop-info Queries the CORBA naming server for a list of objects [Patrik]
2026-02-01 02:59:01 +00:00 · 2010-08-19 23:14:39 +00:00
parent 87109b5670
commit af76c5dad7
4 changed files with 766 additions and 0 deletions
--- a/scripts/giop-info.nse
+++ b/scripts/giop-info.nse
@@ -0,0 +1,58 @@
+description = [[
+Queries the CORBA naming server for a list of objects
+]]
+
+author = "Patrik Karlsson"
+license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
+categories = {"discovery", "safe"}
+
+---
+-- @output
+-- PORT     STATE SERVICE              REASON
+-- 1050/tcp open  java-or-OTGfileshare syn-ack
+-- | giop-info:  
+-- |   Object: Hello
+-- |   Context: Test
+-- |_  Object: GoodBye
+
+
+-- Version 0.1
+
+-- Created 07/08/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
+
+require 'shortport'
+require 'giop'
+
+portrule = shortport.port_or_service( {2809,1050,1049} , "giop", "tcp", "open")
+
+action = function(host, port)
+
+	local helper = giop.Helper:new( host, port )
+	local ctx, objs, status, err
+	local result = {}
+	
+	status, err = helper:Connect()
+	if ( not(status) ) then return err end
+
+	status, ctx = helper:GetNamingContext()
+	if ( not(status) ) then return "  \n  ERROR: " .. ctx end
+	
+	status, objs = helper:ListObjects(ctx)
+	if ( not(status) ) then return "  \n  ERROR: " .. objs end
+	
+	for _, obj in ipairs( objs ) do 
+		local tmp = ""
+		
+		if ( obj.enum == 0 ) then
+			tmp = "Object: "
+		elseif( obj.enum == 1 ) then
+			tmp = "Context: "
+		else
+			tmp = "Unknown: "
+		end
+		
+		table.insert(result, tmp .. obj.id ) 
+	end
+	
+	return stdnse.format_output(true, result)
+end
--- a/scripts/script.db
+++ b/scripts/script.db
@@ -35,6 +35,7 @@ Entry { filename = "ftp-anon.nse", categories = { "auth", "default", "safe", } }
 Entry { filename = "ftp-bounce.nse", categories = { "default", "intrusive", } }
 Entry { filename = "ftp-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "ftp-libopie.nse", categories = { "intrusive", "vuln", } }
+Entry { filename = "giop-info.nse", categories = { "discovery", "safe", } }
 Entry { filename = "html-title.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "http-auth.nse", categories = { "auth", "default", "intrusive", } }
 Entry { filename = "http-brute.nse", categories = { "auth", "intrusive", } }