mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00

Add support for RACF to cics-user-enum. Closes #619

dmiller
2016-12-21 00:16:06 +00:00
parent b13a36c1a2
commit eedfc29b48
2 changed files with 11 additions and 12 deletions


@@ -35,6 +35,7 @@ CICS User ID enumeration script for the CESL/CESN Login screen.
-- --
-- @changelog -- @changelog
-- 2016-08-29 - v0.1 - created by Soldier of Fortran -- 2016-08-29 - v0.1 - created by Soldier of Fortran
-- 2016-12-19 - v0.2 - Added RACF support
-- --
-- @author Philip Young -- @author Philip Young
-- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html -- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html
@@ -106,7 +107,8 @@ Driver = {
end end
-- At this point we MUST be at CESL/CESN to try accounts. -- At this point we MUST be at CESL/CESN to try accounts.
-- If we're not then we quit with an error -- If we're not then we quit with an error
if not (self.tn3270:find('SIGN ON TO CICS') and self.tn3270:find("Signon to CICS")) then if not (self.tn3270:find('SIGN ON TO CICS') or self.tn3270:find("Signon to CICS")) then
local err = brute.Error:new( "Can't get to CESL")
err:setRetry( true ) err:setRetry( true )
return false, err return false, err
end end
@@ -117,21 +119,21 @@ Driver = {
self.tn3270:get_all_data() self.tn3270:get_all_data()
stdnse.debug(2,"Screen Recieved for User ID: %s", pass) stdnse.debug(2,"Screen Recieved for User ID: %s", pass)
self.tn3270:get_screen_debug(2) self.tn3270:get_screen_debug(2)
-- So far only support for TopSecret, ACF2
-- TODO: Add RACF error messages if they exist?
if self.tn3270:find('TSS7145E') or if self.tn3270:find('TSS7145E') or
self.tn3270:find('ACF01004') then self.tn3270:find('ACF01004') or
-- known invalid userid self.tn3270:find('DFHCE3530') then
-- known invalid userid messages
-- TopSecret: TSS7145E -- TopSecret: TSS7145E
-- ACF2: ACF01004 -- ACF2: ACF01004
-- RACF: TODO -- RACF: DFHCE3530
stdnse.debug("Invalid CICS User ID: %s", string.upper(pass)) stdnse.debug("Invalid CICS User ID: %s", string.upper(pass))
return false, brute.Error:new( "Incorrect CICS User ID" ) return false, brute.Error:new( "Incorrect CICS User ID" )
elseif self.tn3270:find('TSS7102E') or elseif self.tn3270:find('TSS7102E') or
self.tn3270:find('ACF01012') then self.tn3270:find('ACF01012') or
self.tn3270:find('DFHCE3523') then
-- TopSecret: TSS7102E Password Missing -- TopSecret: TSS7102E Password Missing
-- ACF2: ACF01012 PASSWORD NOT MATCHED -- ACF2: ACF01012 PASSWORD NOT MATCHED
-- RACF: TODO -- RACF: DFHCE3523 Please type your password.
stdnse.verbose("Valid CICS User ID: %s", string.upper(pass)) stdnse.verbose("Valid CICS User ID: %s", string.upper(pass))
return true, creds.Account:new("CICS User", string.upper(pass), creds.State.VALID) return true, creds.Account:new("CICS User", string.upper(pass), creds.State.VALID)
else else
@@ -244,9 +246,8 @@ action = function(host, port)
local status, result = engine:start() local status, result = engine:start()
-- port.version.extrainfo = "Security: " .. secprod -- port.version.extrainfo = "Security: " .. secprod
-- nmap.set_port_version(host, port) -- nmap.set_port_version(host, port)
return "result" return result
else else
return err return err
end end
end end
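Review bot: The two identifiers added in the third hunk, `DFHCE3530` and `DFHCE3523`, are labelled `RACF:` in the comments, but as far as I know the `DFHCE` prefix belongs to CICS's own sign-on messages rather than to RACF (whose messages carry ICH/IRR prefixes), so the labels overstate what the match proves. I would reword them along the lines of `-- CICS sign-on message (seen with RACF): DFHCE3530` and `-- CICS sign-on message (seen with RACF): DFHCE3523 Please type your password.`, and note in the script description that for this case a "valid" result is inferred from the password prompt, not from a security-product message. In the second hunk the new error text `"Can't get to CESL"` does not match the check above it, which accepts either sign-on screen; `"Can't get to CESL/CESN"` would be accurate. The enclosing Driver method starts and ends outside these hunks, so how the trailing `else` treats a screen that matches none of the six identifiers is not visible here.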


@@ -54,8 +54,6 @@ Hidden fields will be listed below the screen with (row, col) coordinates.
author = "Philip Young aka Soldier of Fortran" author = "Philip Young aka Soldier of Fortran"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html" license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"safe", "discovery"} categories = {"safe", "discovery"}
-- XXX Is this a real script?
--dependencies = {"tn3270-info"}
portrule = shortport.port_or_service({23,992}, {"tn3270"}) portrule = shortport.port_or_service({23,992}, {"tn3270"})