PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00
Code Issues Projects Releases Wiki Activity

Re-indent some scripts. Whitespace-only commit

Browse Source 
https://secwiki.org/w/Nmap/Code_Standards
This commit is contained in:
dmiller
2014-01-31 21:01:26 +00:00
parent 298be5bfaa
commit c7d4f2ec96
50 changed files with 4135 additions and 4135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

200
scripts/rdp-enum-encryption.nse
View File

@@ -41,123 +41,123 @@ categories = {"safe", "discovery"}
portrule = shortport.port_or_service(3389, "ms-wbt-server")
local function enum_protocols(host, port)
local PROTOCOLS = {
["Native RDP"] = 0,
["SSL"] = 1,
["CredSSP"] = 3
}
local PROTOCOLS = {
["Native RDP"] = 0,
["SSL"] = 1,
["CredSSP"] = 3
}
local ERRORS = {
[1] = "SSL_REQUIRED_BY_SERVER",
[2] = "SSL_NOT_ALLOWED_BY_SERVER",
[3] = "SSL_CERT_NOT_ON_SERVER",
[4] = "INCONSISTENT_FLAGS",
[5] = "HYBRID_REQUIRED_BY_SERVER"
}
local ERRORS = {
[1] = "SSL_REQUIRED_BY_SERVER",
[2] = "SSL_NOT_ALLOWED_BY_SERVER",
[3] = "SSL_CERT_NOT_ON_SERVER",
[4] = "INCONSISTENT_FLAGS",
[5] = "HYBRID_REQUIRED_BY_SERVER"
}
local res_proto = { name = "Security layer" }
local res_proto = { name = "Security layer" }
for k, v in pairs(PROTOCOLS) do
local comm = rdp.Comm:new(host, port)
if ( not(comm:connect()) ) then
return false, "ERROR: Failed to connect to server"
end
local cr = rdp.Request.ConnectionRequest:new(v)
local status, response = comm:exch(cr)
comm:close()
if ( not(status) ) then
return false, response
end
for k, v in pairs(PROTOCOLS) do
local comm = rdp.Comm:new(host, port)
if ( not(comm:connect()) ) then
return false, "ERROR: Failed to connect to server"
end
local cr = rdp.Request.ConnectionRequest:new(v)
local status, response = comm:exch(cr)
comm:close()
if ( not(status) ) then
return false, response
end
local pos, success = bin.unpack("C", response.itut.data)
if ( success == 2 ) then
table.insert(res_proto, ("%s: SUCCESS"):format(k))
elseif ( nmap.debugging() > 0 ) then
local pos, err = bin.unpack("C", response.itut.data, 5)
if ( err > 0 ) then
table.insert(res_proto, ("%s: FAILED (%s)"):format(k, ERRORS[err] or "Unknown"))
else
table.insert(res_proto, ("%s: FAILED"):format(k))
end
end
end
table.sort(res_proto)
return true, res_proto
local pos, success = bin.unpack("C", response.itut.data)
if ( success == 2 ) then
table.insert(res_proto, ("%s: SUCCESS"):format(k))
elseif ( nmap.debugging() > 0 ) then
local pos, err = bin.unpack("C", response.itut.data, 5)
if ( err > 0 ) then
table.insert(res_proto, ("%s: FAILED (%s)"):format(k, ERRORS[err] or "Unknown"))
else
table.insert(res_proto, ("%s: FAILED"):format(k))
end
end
end
table.sort(res_proto)
return true, res_proto
end
local function enum_ciphers(host, port)
local CIPHERS = {
{ ["40-bit RC4"] = 1 },
{ ["56-bit RC4"] = 8 },
{ ["128-bit RC4"] = 2 },
{ ["FIPS 140-1"] = 16 }
}
local CIPHERS = {
{ ["40-bit RC4"] = 1 },
{ ["56-bit RC4"] = 8 },
{ ["128-bit RC4"] = 2 },
{ ["FIPS 140-1"] = 16 }
}
local ENC_LEVELS = {
[0] = "None",
[1] = "Low",
[2] = "Client Compatible",
[3] = "High",
[4] = "FIPS Compliant",
}
local ENC_LEVELS = {
[0] = "None",
[1] = "Low",
[2] = "Client Compatible",
[3] = "High",
[4] = "FIPS Compliant",
}
local res_ciphers = {}
local res_ciphers = {}
local function get_ordered_ciphers()
local i = 0
return function()
i = i + 1
if ( not(CIPHERS[i]) ) then return end
for k,v in pairs(CIPHERS[i]) do
return k, v
end
end
end
local function get_ordered_ciphers()
local i = 0
return function()
i = i + 1
if ( not(CIPHERS[i]) ) then return end
for k,v in pairs(CIPHERS[i]) do
return k, v
end
end
end
for k, v in get_ordered_ciphers() do
local comm = rdp.Comm:new(host, port)
if ( not(comm:connect()) ) then
return false, "ERROR: Failed to connect to server"
end
for k, v in get_ordered_ciphers() do
local comm = rdp.Comm:new(host, port)
if ( not(comm:connect()) ) then
return false, "ERROR: Failed to connect to server"
end
local cr = rdp.Request.ConnectionRequest:new()
local status, response = comm:exch(cr)
if ( not(status) ) then
break
end
local cr = rdp.Request.ConnectionRequest:new()
local status, response = comm:exch(cr)
if ( not(status) ) then
break
end
local msc = rdp.Request.MCSConnectInitial:new(v)
local status, response = comm:exch(msc)
comm:close()
if ( status ) then
local pos, enc_level = bin.unpack("C", response.itut.data, 95 + 8)
local pos, enc_cipher= bin.unpack("C", response.itut.data, 95 + 4)
if ( enc_cipher == v ) then
table.insert(res_ciphers, ("%s: SUCCESS"):format(k))
end
res_ciphers.name = ("RDP Encryption level: %s"):format(ENC_LEVELS[enc_level] or "Unknown")
elseif ( nmap.debugging() > 0 ) then
table.insert(res_ciphers, ("%s: FAILURE"):format(k))
end
end
return true, res_ciphers
local msc = rdp.Request.MCSConnectInitial:new(v)
local status, response = comm:exch(msc)
comm:close()
if ( status ) then
local pos, enc_level = bin.unpack("C", response.itut.data, 95 + 8)
local pos, enc_cipher= bin.unpack("C", response.itut.data, 95 + 4)
if ( enc_cipher == v ) then
table.insert(res_ciphers, ("%s: SUCCESS"):format(k))
end
res_ciphers.name = ("RDP Encryption level: %s"):format(ENC_LEVELS[enc_level] or "Unknown")
elseif ( nmap.debugging() > 0 ) then
table.insert(res_ciphers, ("%s: FAILURE"):format(k))
end
end
return true, res_ciphers
end
action = function(host, port)
local result = {}
local result = {}
local status, res_proto = enum_protocols(host, port)
if ( not(status) ) then
return res_proto
end
local status, res_proto = enum_protocols(host, port)
if ( not(status) ) then
return res_proto
end
local status, res_ciphers = enum_ciphers(host, port)
if ( not(status) ) then
return res_ciphers
end
local status, res_ciphers = enum_ciphers(host, port)
if ( not(status) ) then
return res_ciphers
end
table.insert(result, res_proto)
table.insert(result, res_ciphers)
return stdnse.format_output(true, result)
end
table.insert(result, res_proto)
table.insert(result, res_ciphers)
return stdnse.format_output(true, result)
end