PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-26 17:39:03 +00:00
Code Issues Projects Releases Wiki Activity

Update the status code name in smb-check-vulns.

Browse Source 
The checks for conficker and ms08_067 check for a specific status code
of 0x00000057, but do so by the name mapping to this value rather than
by value.

The name of this value was change from NT_STATUS_WERR_UNKNOWN_57 to
NT_STATUS_WERR_INVALID_PARAMETER in r24847, breaking these tests because
they were still searching for the "UNKNOWN_57" string.

This error was reported by Kit Peters.
http://seclists.org/nmap-dev/2012/q4/125
This commit is contained in:
david
2012-10-18 04:28:11 +00:00
parent 3c87635ae8
commit f26d82b3fc
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/smb-check-vulns.nse
View File

@@ -182,7 +182,7 @@ function check_ms08_067(host)
msrpc.stop_smb(smbstate)
if(status == false) then
if(string.find(netpathcompare_result, "UNKNOWN_57") ~= nil) then
if(string.find(netpathcompare_result, "WERR_INVALID_PARAMETER") ~= nil) then
return true, INFECTED
elseif(string.find(netpathcompare_result, "INVALID_NAME") ~= nil) then
return true, PATCHED
@@ -276,7 +276,7 @@ function check_conficker(host)
if(string.find(netpathcanonicalize_result, "INVALID_NAME")) then
msrpc.stop_smb(smbstate)
return true, CLEAN
elseif(string.find(netpathcanonicalize_result, "UNKNOWN_57") ~= nil) then
elseif(string.find(netpathcanonicalize_result, "WERR_INVALID_PARAMETER") ~= nil) then
msrpc.stop_smb(smbstate)
return true, INFECTED
else