diff --git a/nselib/anyconnect.lua b/nselib/anyconnect.lua index b786c652a..ea57f0ef1 100644 --- a/nselib/anyconnect.lua +++ b/nselib/anyconnect.lua @@ -50,12 +50,7 @@ Cisco = { -- generate a random hex-string of length 'length' -- generate_random = function(length) - local rnd = "" - - for i=1, length do - rnd = rnd .. string.format("%.2X", math.random(255)) - end - return rnd + return stdnse.generate_random_string(length * 2, '0123456789ABCDEF') end, connect = function(self) diff --git a/nselib/ike.lua b/nselib/ike.lua index 02dfe1fdf..a054adc94 100644 --- a/nselib/ike.lua +++ b/nselib/ike.lua @@ -137,12 +137,7 @@ end -- generate a random hex-string of length 'length' -- local function generate_random(length) - local rnd = "" - - for i=1, length do - rnd = rnd .. string.format("%.2X", math.random(255)) - end - return rnd + return stdnse.generate_random_string(length * 2, '0123456789ABCDEF') end diff --git a/nselib/sip.lua b/nselib/sip.lua index 22c0afd63..71a9b122f 100644 --- a/nselib/sip.lua +++ b/nselib/sip.lua @@ -738,23 +738,9 @@ Util = { -- @param set (optional) The set of letters to choose from. Default: upper, lower, numbers, and underscore. -- @return The random string. get_random_string = function(length, set) - if(length == nil) then - length = 8 - end - - if(set == nil) then - set = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_" - end - - local str = "" - - for i = 1, length, 1 do - local random = math.random(#set) - str = str .. string.sub(set, random, random) - end - - return str - end + return stdnse.generate_random_string(length or 8, + set or "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_") + end, } diff --git a/nselib/stun.lua b/nselib/stun.lua index e95d7c83c..5143d85eb 100644 --- a/nselib/stun.lua +++ b/nselib/stun.lua @@ -286,9 +286,9 @@ Util = { -- @param len number containing the length of the generated random string -- @return str containing the random string randomString = function(len) - local str = "" - for i=1, len do str = str .. string.char(math.random(255)) end - return str + local str = {} + for i=1, len do str[i] = string.char(math.random(255)) end + return table.concat(str) end } diff --git a/scripts/broadcast-ataoe-discover.nse b/scripts/broadcast-ataoe-discover.nse index 794ffdf38..6f9eed97f 100644 --- a/scripts/broadcast-ataoe-discover.nse +++ b/scripts/broadcast-ataoe-discover.nse @@ -52,7 +52,7 @@ ATAoE = { minor = 0xff, error = 0, cmd = ATAoE.Cmd.QUERY_CONFIG_INFORMATION, - tag = tag or createRandomTag(), + tag = tag or math.random(0,0xffffffff), } setmetatable(o, self) self.__index = self @@ -98,13 +98,6 @@ ATAoE = { } } --- Creates a random AoE header tag -function createRandomTag() - local str = "" - for i=1, 4 do str = str .. string.char(math.random(255)) end - return select(2, bin.unpack(">I", str)) -end - -- Send a Config Info Request to the ethernet broadcast address -- @param iface table as returned by nmap.get_interface_info() local function sendConfigInfoRequest(iface) diff --git a/scripts/http-userdir-enum.nse b/scripts/http-userdir-enum.nse index 4ee879411..6748d9f91 100644 --- a/scripts/http-userdir-enum.nse +++ b/scripts/http-userdir-enum.nse @@ -146,25 +146,3 @@ function init() stdnse.debug1("Testing %d usernames.", #usernames) return nil end - - - ---- --- Uses openssl.rand_pseudo_bytes (if available, os.time() if not) and base64.enc --- to produce a randomish string of at least 11 alphanumeric chars. --- @return String - -function randomstring() - local rnd, s, l, _ - local status, openssl = pcall(require, "openssl") - if status then - rnd = openssl.rand_pseudo_bytes - end - s = rnd and rnd(8) or tostring( os.time() ) - -- increase the length of the string by 0 to 7 chars - _, l = bin.unpack(">C", s, 8) -- eighth byte should be safe for os.time() too - s = l%8 > 0 and s .. s:sub(1,l%8) or s - -- base 64 encode and replace any non alphanum chars (with 'n' for nmap!) - s = base64.enc(s):sub(1,-2):gsub("%W", "n") - return s -end diff --git a/scripts/irc-botnet-channels.nse b/scripts/irc-botnet-channels.nse index 4c03a44aa..71717f80a 100644 --- a/scripts/irc-botnet-channels.nse +++ b/scripts/irc-botnet-channels.nse @@ -162,13 +162,7 @@ local function irc_compose_message(prefix, command, ...) end local function random_nick() - local nick = {} - - for i = 1, 9 do - nick[#nick + 1] = string.char(math.random(string.byte("a"), string.byte("z"))) - end - - return table.concat(nick) + return stdnse.generate_random_string(9, "abcdefghijklmnopqrstuvwxyz") end local function splitlines(s) diff --git a/scripts/irc-info.nse b/scripts/irc-info.nse index 876a6be01..a239e3382 100644 --- a/scripts/irc-info.nse +++ b/scripts/irc-info.nse @@ -51,11 +51,7 @@ portrule = shortport.port_or_service({6666,6667,6697,6679},{"irc","ircs"}) local banner_timeout = 60 local function random_nick () - local t = {} - for i = 1, 9 do -- minimum 9 char nick - t[i] = math.random(97, 122) -- lowercase ascii - end - return ("%c"):rep(#t):format(table.unpack(t)) + return stdnse.generate_random_string(9, "abcdefghijklmnopqrstuvwxyz") end function action (host, port) diff --git a/scripts/oracle-enum-users.nse b/scripts/oracle-enum-users.nse index 135480719..8226ec003 100644 --- a/scripts/oracle-enum-users.nse +++ b/scripts/oracle-enum-users.nse @@ -28,8 +28,6 @@ servers (this bug was fixed in Oracle's October 2009 Critical Patch Update). -- | noob is a valid user account -- |_ patrik is a valid user account -- --- The get_random_string function was stolen from Ron's smb code --- -- @args oracle-enum-users.sid the instance against which to attempt user -- enumeration @@ -70,32 +68,6 @@ local function checkAccount( host, port, user ) return true, auth["AUTH_VFR_DATA"] end ----Generates a random string of the requested length. This can be used to check how hosts react to --- weird username/password combinations. ---@param length (optional) The length of the string to return. Default: 8. ---@param set (optional) The set of letters to choose from. Default: upper, lower, numbers, and underscore. ---@return The random string. -local function get_random_string(length, set) - if(length == nil) then - length = 8 - end - - if(set == nil) then - set = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_" - end - - local str = "" - - for i = 1, length, 1 do - local random = math.random(#set) - str = str .. string.sub(set, random, random) - end - - return str -end - - - action = function( host, port ) local known_good_accounts = { "system", "sys", "dbsnmp", "scott" } @@ -131,7 +103,8 @@ action = function( host, port ) -- Check for some known bad accounts count = 0 for i=1, 10 do - local user = get_random_string(10) + local user = stdnse.generate_random_string(10, + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_") status, salt = checkAccount(host, port, user) if( not(status) ) then return salt end if ( salt ) then diff --git a/scripts/smb-brute.nse b/scripts/smb-brute.nse index cc24d9236..989e75da4 100644 --- a/scripts/smb-brute.nse +++ b/scripts/smb-brute.nse @@ -175,22 +175,8 @@ local special_passwords = { USERNAME, USERNAME_REVERSED } --@param set (optional) The set of letters to choose from. Default: upper, lower, numbers, and underscore. --@return The random string. local function get_random_string(length, set) - if(length == nil) then - length = 8 - end - - if(set == nil) then - set = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_" - end - - local str = "" - - for i = 1, length, 1 do - local random = math.random(#set) - str = str .. string.sub(set, random, random) - end - - return str + return stdnse.generate_random_string(length or 8, + set or "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_") end ---Splits a string in the form "domain\user" into domain and user.