mirror of
https://github.com/nmap/nmap.git
synced 2025-12-24 08:29:04 +00:00
Re-indent some scripts. Whitespace-only commit
https://secwiki.org/w/Nmap/Code_Standards
This commit is contained in:
dmiller
@@ -53,113 +53,113 @@ portrule = shortport.port_or_service(5432, "postgresql")
|
||||
-- @param ssl boolean, if true connect using SSL
|
||||
-- @return socket connected to server
|
||||
local function connectSocket(host, port, ssl)
|
||||
local socket = nmap.new_socket()
|
||||
local socket = nmap.new_socket()
|
||||
|
||||
-- set a reasonable timeout value
|
||||
socket:set_timeout(5000)
|
||||
socket:connect(host, port)
|
||||
-- set a reasonable timeout value
|
||||
socket:set_timeout(5000)
|
||||
socket:connect(host, port)
|
||||
|
||||
-- let's be responsible and avoid sending communication in the clear
|
||||
if ( ssl ) then
|
||||
local status = pgsql.requestSSL(socket)
|
||||
if ( status ) then
|
||||
socket:reconnect_ssl()
|
||||
end
|
||||
end
|
||||
return socket
|
||||
-- let's be responsible and avoid sending communication in the clear
|
||||
if ( ssl ) then
|
||||
local status = pgsql.requestSSL(socket)
|
||||
if ( status ) then
|
||||
socket:reconnect_ssl()
|
||||
end
|
||||
end
|
||||
return socket
|
||||
end
|
||||
|
||||
action = function( host, port )
|
||||
|
||||
local status, response, ssl_enable, output
|
||||
local result, response, status, nossl = {}, nil, nil, false
|
||||
local valid_accounts = {}
|
||||
local pg
|
||||
local status, response, ssl_enable, output
|
||||
local result, response, status, nossl = {}, nil, nil, false
|
||||
local valid_accounts = {}
|
||||
local pg
|
||||
|
||||
if ( nmap.registry.args['pgsql.version'] ) then
|
||||
if ( tonumber(nmap.registry.args['pgsql.version']) == 2 ) then
|
||||
pg = pgsql.v2
|
||||
elseif ( tonumber(nmap.registry.args['pgsql.version']) == 3 ) then
|
||||
pg = pgsql.v3
|
||||
else
|
||||
stdnse.print_debug("pgsql-brute: Unsupported version %s", nmap.registry.args['pgsql.version'])
|
||||
return
|
||||
end
|
||||
else
|
||||
pg = pgsql.detectVersion(host, port )
|
||||
end
|
||||
if ( nmap.registry.args['pgsql.version'] ) then
|
||||
if ( tonumber(nmap.registry.args['pgsql.version']) == 2 ) then
|
||||
pg = pgsql.v2
|
||||
elseif ( tonumber(nmap.registry.args['pgsql.version']) == 3 ) then
|
||||
pg = pgsql.v3
|
||||
else
|
||||
stdnse.print_debug("pgsql-brute: Unsupported version %s", nmap.registry.args['pgsql.version'])
|
||||
return
|
||||
end
|
||||
else
|
||||
pg = pgsql.detectVersion(host, port )
|
||||
end
|
||||
|
||||
local usernames, passwords
|
||||
status, usernames = unpwdb.usernames()
|
||||
if ( not(status) ) then return end
|
||||
local usernames, passwords
|
||||
status, usernames = unpwdb.usernames()
|
||||
if ( not(status) ) then return end
|
||||
|
||||
status, passwords = unpwdb.passwords()
|
||||
if ( not(status) ) then return end
|
||||
status, passwords = unpwdb.passwords()
|
||||
if ( not(status) ) then return end
|
||||
|
||||
-- If the user explicitly does not disable SSL, enforce it
|
||||
if ( ( nmap.registry.args['pgsql.nossl'] == 'true' ) or
|
||||
( nmap.registry.args['pgsql.nossl'] == '1' ) ) then
|
||||
nossl = true
|
||||
end
|
||||
-- If the user explicitly does not disable SSL, enforce it
|
||||
if ( ( nmap.registry.args['pgsql.nossl'] == 'true' ) or
|
||||
( nmap.registry.args['pgsql.nossl'] == '1' ) ) then
|
||||
nossl = true
|
||||
end
|
||||
|
||||
for username in usernames do
|
||||
ssl_enable = not(nossl)
|
||||
for password in passwords do
|
||||
stdnse.print_debug( string.format("Trying %s/%s ...", username, password ) )
|
||||
local socket = connectSocket( host, port, ssl_enable )
|
||||
status, response = pg.sendStartup(socket, username, username)
|
||||
for username in usernames do
|
||||
ssl_enable = not(nossl)
|
||||
for password in passwords do
|
||||
stdnse.print_debug( string.format("Trying %s/%s ...", username, password ) )
|
||||
local socket = connectSocket( host, port, ssl_enable )
|
||||
status, response = pg.sendStartup(socket, username, username)
|
||||
|
||||
-- if nossl is enforced by the user, we're done
|
||||
if ( not(status) and nossl ) then
|
||||
break
|
||||
end
|
||||
-- if nossl is enforced by the user, we're done
|
||||
if ( not(status) and nossl ) then
|
||||
break
|
||||
end
|
||||
|
||||
-- SSL failed, this can occure due to:
|
||||
-- 1. The server does not do SSL
|
||||
-- 2. SSL was denied on a per host or network level
|
||||
--
|
||||
-- Attempt SSL connection
|
||||
if ( not(status) ) then
|
||||
socket:close()
|
||||
ssl_enable = false
|
||||
socket = connectSocket( host, port, ssl_enable )
|
||||
status, response = pg.sendStartup(socket, username, username)
|
||||
if (not(status)) then
|
||||
if ( response:match("no pg_hba.conf entry for host") ) then
|
||||
stdnse.print_debug("The host was denied access to db \"%s\" as user \"%s\", aborting ...", username, username )
|
||||
break
|
||||
else
|
||||
stdnse.print_debug("pgsql-brute: sendStartup returned: %s", response )
|
||||
break
|
||||
end
|
||||
end
|
||||
end
|
||||
-- SSL failed, this can occure due to:
|
||||
-- 1. The server does not do SSL
|
||||
-- 2. SSL was denied on a per host or network level
|
||||
--
|
||||
-- Attempt SSL connection
|
||||
if ( not(status) ) then
|
||||
socket:close()
|
||||
ssl_enable = false
|
||||
socket = connectSocket( host, port, ssl_enable )
|
||||
status, response = pg.sendStartup(socket, username, username)
|
||||
if (not(status)) then
|
||||
if ( response:match("no pg_hba.conf entry for host") ) then
|
||||
stdnse.print_debug("The host was denied access to db \"%s\" as user \"%s\", aborting ...", username, username )
|
||||
break
|
||||
else
|
||||
stdnse.print_debug("pgsql-brute: sendStartup returned: %s", response )
|
||||
break
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
-- Do not attempt to authenticate if authentication type is trusted
|
||||
if ( response.authtype ~= pgsql.AuthenticationType.Success ) then
|
||||
status, response = pg.loginRequest( socket, response, username, password, response.salt)
|
||||
end
|
||||
-- Do not attempt to authenticate if authentication type is trusted
|
||||
if ( response.authtype ~= pgsql.AuthenticationType.Success ) then
|
||||
status, response = pg.loginRequest( socket, response, username, password, response.salt)
|
||||
end
|
||||
|
||||
if status then
|
||||
-- Add credentials for other pgsql scripts to use
|
||||
if nmap.registry.pgsqlusers == nil then
|
||||
nmap.registry.pgsqlusers = {}
|
||||
end
|
||||
nmap.registry.pgsqlusers[username]=password
|
||||
if ( response.authtype ~= pgsql.AuthenticationType.Success ) then
|
||||
table.insert( valid_accounts, string.format("%s:%s => Valid credentials", username, password:len()>0 and password or "<empty>" ) )
|
||||
else
|
||||
table.insert( valid_accounts, string.format("%s => Trusted authentication", username ) )
|
||||
end
|
||||
break
|
||||
end
|
||||
socket:close()
|
||||
end
|
||||
passwords("reset")
|
||||
end
|
||||
if status then
|
||||
-- Add credentials for other pgsql scripts to use
|
||||
if nmap.registry.pgsqlusers == nil then
|
||||
nmap.registry.pgsqlusers = {}
|
||||
end
|
||||
nmap.registry.pgsqlusers[username]=password
|
||||
if ( response.authtype ~= pgsql.AuthenticationType.Success ) then
|
||||
table.insert( valid_accounts, string.format("%s:%s => Valid credentials", username, password:len()>0 and password or "<empty>" ) )
|
||||
else
|
||||
table.insert( valid_accounts, string.format("%s => Trusted authentication", username ) )
|
||||
end
|
||||
break
|
||||
end
|
||||
socket:close()
|
||||
end
|
||||
passwords("reset")
|
||||
end
|
||||
|
||||
output = stdnse.format_output(true, valid_accounts)
|
||||
output = stdnse.format_output(true, valid_accounts)
|
||||
|
||||
return output
|
||||
return output
|
||||
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user