diff --git a/CHANGELOG b/CHANGELOG index a53d99a48..a17a6b336 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,8 @@ # Nmap Changelog ($Id$); -*-text-*- +o [NSE] Fixed a problem in oracle-brute that would fail due to connection + exhaustion. Fixed some debugging messages in the brute library [Patrik] + o [Ndiff] Fixed the Mac OS X packages to use the correct path for Python: /usr/bin/python instead of /opt/local/bin/python. The bug was reported by Wellington Castello. [David] diff --git a/nselib/brute.lua b/nselib/brute.lua index b001e6f5a..18b1d912d 100644 --- a/nselib/brute.lua +++ b/nselib/brute.lua @@ -524,16 +524,7 @@ Engine = if ( status ) then -- Prevent locked accounts from appearing several times if ( not(self.found_accounts) or self.found_accounts[response.username] == nil ) then - if ( response.username and #response.username > 0 ) then - stdnse.print_debug("Found valid password %s:%s on target %s", - response.username, - ( response.password and #response.password > 0 ) and response.password or "", - self.host.ip ) - else - stdnse.print_debug("Found valid password %s on target %s", - ( response.password and #response.password > 0 ) and response.password or "", - self.host.ip ) - end + stdnse.print_debug("Discovered account: %s", response:toString()) table.insert( valid_accounts, response:toString() ) self.found_accounts[response.username] = true diff --git a/nselib/tns.lua b/nselib/tns.lua index 83a20f9fa..37f0ce0e6 100644 --- a/nselib/tns.lua +++ b/nselib/tns.lua @@ -254,7 +254,7 @@ Packet.Connect = { if ( tns.data:match("ERR=12514") ) then return false, ("TNS: The listener could not resolve \"%s\""):format(self.dbinstance) end - return false, "The server did not respond with an ACCEPT packet" + return false, tns.data:match("%(ERR=(%d*)%)") end pos, version = bin.unpack(">S", tns.data ) diff --git a/scripts/oracle-brute.nse b/scripts/oracle-brute.nse index 49b0f613a..ca56f91df 100644 --- a/scripts/oracle-brute.nse +++ b/scripts/oracle-brute.nse 
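Review bot: In the nselib/brute.lua hunk, the new `stdnse.print_debug("Discovered account: %s", response:toString())` builds the account string once for the log and again for `table.insert` on the next line; a single `local account = response:toString()` used in both places would keep the two outputs identical by construction. Judging by the removed lines the string presumably includes the password, and the message is emitted with no explicit debug level, so a comment noting that debug output from this path carries cleartext credentials would help whoever stores or shares scan logs. The unchanged `self.found_accounts[response.username] = true` would raise on a nil username, which the removed `response.username and #response.username > 0` check suggests can occur; worth confirming. The enclosing function starts and ends outside this hunk.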
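Review bot: In the nselib/tns.lua hunk, the new `return false, tns.data:match("%(ERR=(%d*)%)")` yields `false, nil` whenever the reply carries no `(ERR=…)` field and an empty string when the field has no digits, so callers lose the explanatory message the old line gave. It also makes this path return a bare code while the ERR=12514 branch just above returns a formatted sentence. Consider `local err = tns.data:match("%(ERR=(%d+)%)")` followed by `return false, err or "The server did not respond with an ACCEPT packet"`, with a comment that the second return value may be a numeric error-code string. The data comes from the remote listener, so keeping the capture restricted to digits before it reaches log output is worth preserving. The enclosing function starts and ends outside this hunk.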
@@ -65,15 +65,34 @@ Driver = -- -- @return true on success, false on failure connect = function( self ) - local status, data + local status, data self.helper = tns.Helper:new( self.host, self.port, nmap.registry.args['oracle-brute.sid'] ) - status, data = self.helper:Connect() - if ( not(status) ) then - return status, data - end + local MAX_RETRIES = 10 + local tries = MAX_RETRIES - return true + -- This loop is intended for handling failed connections + -- A connection may fail for a number of different reasons. + -- For the moment, we're just handling the error code 12520 + -- + -- Error 12520 has been observed on Oracle XE and seems to + -- occur when a maximum connection count is reached. + repeat + if ( tries < MAX_RETRIES ) then + stdnse.print_debug(2, "%s: Attempting to re-connect (attempt %d of %d)", SCRIPT_NAME, MAX_RETRIES - tries, MAX_RETRIES) + end + status, data = self.helper:Connect() + if ( not(status) ) then + stdnse.print_debug(2, "%s: ERROR: An Oracle %s error occured", SCRIPT_NAME, data) + self.helper:Close() + else + break + end + tries = tries - 1 + stdnse.sleep(1) + until( tries == 0 or data ~= "12520") + + return status, data end, --- Attempts to login to the Oracle server
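Review bot: In the retry loop of `connect`, `tries = tries - 1` and `stdnse.sleep(1)` run after every failed attempt, so a failure other than 12520 still waits a second before the `until` condition ends the loop. Adding `if ( data ~= "12520" ) then break end` right after `self.helper:Close()` would return such errors immediately. `data` is also passed to a `%s` format although, with the nselib/tns.lua change in this diff, the second return value can presumably be nil when the reply has no `(ERR=…)` field; logging `tostring(data)` avoids depending on how the formatter treats nil. The `@return` doc comment above `connect` should mention the second return value now that the function ends with `return status, data`, and "occured" in the debug message should read "occurred".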