PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 20:51:30 +00:00
Code Issues Projects Releases Wiki Activity

Fixed a bunch of errors reported by Ron Bowes;

Browse Source 
http://seclists.org/nmap-dev/2012/q2/639
This commit is contained in:
patrik
2012-06-06 21:57:00 +00:00
parent 731e8b5302
commit c4617f8d31
7 changed files with 85 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
nselib/smbauth.lua
View File

@@ -667,10 +667,10 @@ function get_password_response(ip, username, domain, password, password_hash, ha
return lm_response, ntlm_response, mac_key
end
function get_security_blob(security_blob, ip, username, domain, password, password_hash, hash_type)
function get_security_blob(security_blob, ip, username, domain, password, password_hash, hash_type, flags)
local pos = 1
local new_blob
local flags = 0x00008215 -- (NEGOTIATE_SIGN_ALWAYS | NEGOTIATE_NTLM | NEGOTIATE_SIGN | REQUEST_TARGET | NEGOTIATE_UNICODE)
local flags = flags or 0x00008215 -- (NEGOTIATE_SIGN_ALWAYS | NEGOTIATE_NTLM | NEGOTIATE_SIGN | REQUEST_TARGET | NEGOTIATE_UNICODE)
if(security_blob == nil) then
-- If security_blob is nil, this is the initial packet
@@ -684,10 +684,8 @@ function get_security_blob(security_blob, ip, username, domain, password, passwo
return true, new_blob, "", ""
else
local identifier, message_type, domain_length, domain_max, domain_offset, server_flags, challenge, reserved
-- Parse the old security blob
pos, identifier, message_type, domain_length, domain_max, domain_offset, server_flags, challenge, reserved = bin.unpack("<LISSIIA8A8", security_blob, 1)
local pos, identifier, message_type, domain_length, domain_max, domain_offset, server_flags, challenge, reserved = bin.unpack("<LISSIIA8A8", security_blob, 1)
-- Get the information for the current login
local lanman, ntlm, mac_key = get_password_response(ip, username, domain, password, password_hash, hash_type, challenge, true)