mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 04:31:29 +00:00
Fix some globals
This commit is contained in:
dmiller
@@ -200,9 +200,8 @@ local UUID2EXE = {
|
|||||||
--@return status true or false
|
--@return status true or false
|
||||||
--@return smbstate if status is true, or an error message.
|
--@return smbstate if status is true, or an error message.
|
||||||
function start_smb(host, path, disable_extended, overrides)
|
function start_smb(host, path, disable_extended, overrides)
|
||||||
local sharename
|
|
||||||
overrides = overrides or {}
|
overrides = overrides or {}
|
||||||
_, sharename = smb.get_fqpn(host, "IPC$")
|
local _, sharename = smb.get_fqpn(host, "IPC$")
|
||||||
return smb.start_ex(host, true, true, sharename, path, disable_extended, overrides)
|
return smb.start_ex(host, true, true, sharename, path, disable_extended, overrides)
|
||||||
end
|
end
|
||||||
|
|
||||||
@@ -666,18 +665,15 @@ end
|
|||||||
-- useful one being 'shares', which is a list of the system's shares.
|
-- useful one being 'shares', which is a list of the system's shares.
|
||||||
function srvsvc_netsharegetinfo(smbstate, server, share, level)
|
function srvsvc_netsharegetinfo(smbstate, server, share, level)
|
||||||
stdnse.debug2("Calling NetShareGetInfo(%s, %s, %d)", server, share, level)
|
stdnse.debug2("Calling NetShareGetInfo(%s, %s, %d)", server, share, level)
|
||||||
local status, result, sharename
|
|
||||||
local arguments
|
|
||||||
local pos, align
|
|
||||||
|
|
||||||
--NetGetShareInfo seems to reject FQPN and reads the server value from the request
|
--NetGetShareInfo seems to reject FQPN and reads the server value from the request
|
||||||
--If any function called this function using a FQPN, this should take care of it.
|
--If any function called this function using a FQPN, this should take care of it.
|
||||||
_, _, sharename = string.find(share, "\\\\.*\\(.*)")
|
local _, _, sharename = string.find(share, "\\\\.*\\(.*)")
|
||||||
if sharename then
|
if sharename then
|
||||||
share = sharename
|
share = sharename
|
||||||
end
|
end
|
||||||
-- [in] [string,charset(UTF16)] uint16 *server_unc,
|
-- [in] [string,charset(UTF16)] uint16 *server_unc,
|
||||||
arguments = msrpctypes.marshall_unicode_ptr("\\\\" .. server, true)
|
local arguments = msrpctypes.marshall_unicode_ptr("\\\\" .. server, true)
|
||||||
|
|
||||||
-- [in] [string,charset(UTF16)] uint16 share_name[],
|
-- [in] [string,charset(UTF16)] uint16 share_name[],
|
||||||
.. msrpctypes.marshall_unicode(share, true)
|
.. msrpctypes.marshall_unicode(share, true)
|
||||||
@@ -689,7 +685,7 @@ function srvsvc_netsharegetinfo(smbstate, server, share, level)
|
|||||||
|
|
||||||
|
|
||||||
-- Do the call
|
-- Do the call
|
||||||
status, result = call_function(smbstate, 0x10, arguments)
|
local status, result = call_function(smbstate, 0x10, arguments)
|
||||||
if(status ~= true) then
|
if(status ~= true) then
|
||||||
return false, result
|
return false, result
|
||||||
end
|
end
|
||||||
@@ -698,7 +694,7 @@ function srvsvc_netsharegetinfo(smbstate, server, share, level)
|
|||||||
|
|
||||||
-- Make arguments easier to use
|
-- Make arguments easier to use
|
||||||
arguments = result['arguments']
|
arguments = result['arguments']
|
||||||
pos = 1
|
local pos = 1
|
||||||
|
|
||||||
-- [in] [string,charset(UTF16)] uint16 *server_unc,
|
-- [in] [string,charset(UTF16)] uint16 *server_unc,
|
||||||
-- [in] [string,charset(UTF16)] uint16 share_name[],
|
-- [in] [string,charset(UTF16)] uint16 share_name[],
|
||||||
|
|||||||
@@ -3449,19 +3449,18 @@ end
|
|||||||
-- 'false' is simply returned.
|
-- 'false' is simply returned.
|
||||||
function is_admin(host, username, domain, password, password_hash, hash_type)
|
function is_admin(host, username, domain, password, password_hash, hash_type)
|
||||||
local msrpc = require "msrpc" -- avoid require cycle
|
local msrpc = require "msrpc" -- avoid require cycle
|
||||||
local status, smbstate, err, result, fqpn_share
|
|
||||||
local overrides = get_overrides(username, domain, password, password_hash, hash_type)
|
local overrides = get_overrides(username, domain, password, password_hash, hash_type)
|
||||||
|
|
||||||
stdnse.debug1("SMB: Checking if %s is an administrator", username)
|
stdnse.debug1("SMB: Checking if %s is an administrator", username)
|
||||||
|
|
||||||
status, smbstate = start(host)
|
local status, smbstate = start(host)
|
||||||
if(status == false) then
|
if(status == false) then
|
||||||
stdnse.debug1("SMB; is_admin: Failed to start SMB: %s [%s]", smbstate, username)
|
stdnse.debug1("SMB; is_admin: Failed to start SMB: %s [%s]", smbstate, username)
|
||||||
stop(smbstate)
|
stop(smbstate)
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
|
|
||||||
status, err = negotiate_protocol(smbstate, overrides)
|
local status, err = negotiate_protocol(smbstate, overrides)
|
||||||
if(status == false) then
|
if(status == false) then
|
||||||
stdnse.debug1("SMB; is_admin: Failed to negotiate protocol: %s [%s]", err, username)
|
stdnse.debug1("SMB; is_admin: Failed to negotiate protocol: %s [%s]", err, username)
|
||||||
stop(smbstate)
|
stop(smbstate)
|
||||||
@@ -3474,8 +3473,8 @@ function is_admin(host, username, domain, password, password_hash, hash_type)
|
|||||||
stop(smbstate)
|
stop(smbstate)
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
|
|
||||||
_, fqpn_share = get_fqpn(host, "IPC$")
|
local _, fqpn_share = get_fqpn(host, "IPC$")
|
||||||
status, err = tree_connect(smbstate, fqpn_share, overrides)
|
status, err = tree_connect(smbstate, fqpn_share, overrides)
|
||||||
if(status == false) then
|
if(status == false) then
|
||||||
stdnse.debug1("SMB; is_admin: Failed to connect tree: %s [%s]", err, username)
|
stdnse.debug1("SMB; is_admin: Failed to connect tree: %s [%s]", err, username)
|
||||||
@@ -4234,10 +4233,10 @@ namedpipes =
|
|||||||
self.name = namedpipes.make_pipe_name( self._host.ip, self._pipeSubPath )
|
self.name = namedpipes.make_pipe_name( self._host.ip, self._pipeSubPath )
|
||||||
|
|
||||||
stdnse.debug2("%s: Connecting to named pipe: %s", NP_LIBRARY_NAME, self.name )
|
stdnse.debug2("%s: Connecting to named pipe: %s", NP_LIBRARY_NAME, self.name )
|
||||||
local status, result, errorMessage, fqpn_share
|
local errorMessage
|
||||||
local bool_negotiate_protocol, bool_start_session, bool_disable_extended = true, true, false
|
local bool_negotiate_protocol, bool_start_session, bool_disable_extended = true, true, false
|
||||||
_, fqpn_share = get_fqpn(host, "IPC$")
|
local _, fqpn_share = get_fqpn(host, "IPC$")
|
||||||
status, result = start_ex( self._host, bool_negotiate_protocol, bool_start_session,
|
local status, result = start_ex( self._host, bool_negotiate_protocol, bool_start_session,
|
||||||
fqpn_share, self._pipeSubPath, bool_disable_extended, self._overrides )
|
fqpn_share, self._pipeSubPath, bool_disable_extended, self._overrides )
|
||||||
|
|
||||||
if status then
|
if status then
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ local stdnse = require "stdnse"
|
|||||||
local shortport = require "shortport"
|
local shortport = require "shortport"
|
||||||
local comm = require "comm"
|
local comm = require "comm"
|
||||||
local string = require "string"
|
local string = require "string"
|
||||||
|
local table = require "table"
|
||||||
|
|
||||||
description = [[
|
description = [[
|
||||||
OpenWebNet is a communications protocol developed by Bticino since 2000.
|
OpenWebNet is a communications protocol developed by Bticino since 2000.
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ local shortport = require "shortport"
|
|||||||
local stdnse = require "stdnse"
|
local stdnse = require "stdnse"
|
||||||
local http = require "http"
|
local http = require "http"
|
||||||
local vulns = require "vulns"
|
local vulns = require "vulns"
|
||||||
|
local string = require "string"
|
||||||
local table = require "table"
|
local table = require "table"
|
||||||
local io = require "io"
|
local io = require "io"
|
||||||
local base64 = require "base64"
|
local base64 = require "base64"
|
||||||
|
|||||||
Reference in New Issue
Block a user