Updates TN3270.lua and scripts. It also adds an argument to disable TN3270. Closes #1455

scripts/cics-enum.nse

@@ -57,6 +57,7 @@ found for CICS transaction IDs.
 -- 2015-07-04 - v0.1 - created by Soldier of Fortran
 -- 2015-11-14 - v0.2 - rewrote iterator
 -- 2017-01-22 - v0.3 - added authenticated CICS ID enumeration
+-- 2019-02-01 - v0.4 - Removed TN3270E support (breaks location)
 --
 -- @author Philip Young
 -- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html
@@ -90,6 +91,7 @@ Driver = {
     o.port = port
     o.options = options
     o.tn3270 = tn3270.Telnet:new()
+    o.tn3270:disable_tn3270e()
     return o
   end,
   connect = function( self )
@@ -263,6 +265,7 @@ Driver = {
 local function cics_test( host, port, commands, user, pass )
   stdnse.debug("Checking for CICS")
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   local status, err = tn:initiate(host,port)
   local msg = 'Unable to get to CICS'
   local cics = false -- initially we're not at CICS

scripts/cics-user-brute.nse

@@ -34,6 +34,7 @@ CICS User ID brute forcing script for the CESL login screen.
 -- 2016-08-29 - v0.1 - created by Soldier of Fortran
 -- 2016-10-26 - v0.2 - Added RACF support
 -- 2017-01-23 - v0.3 - Rewrote script to use fields and skip enumeration to speed up testing
+-- 2019-02-01 - v0.4 - Disabled new TN3270E support
 
 author = "Philip Young aka Soldier of Fortran"
 license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
@@ -60,6 +61,7 @@ Driver = {
     o.port = port
     o.options = options
     o.tn3270 = tn3270.Telnet:new(brute.new_socket())
+    o.tn3270:disable_tn3270e()
     return o
   end,
   connect = function( self )
@@ -120,9 +122,10 @@ Driver = {
 
       -- Ok we're good we're at CESL. Send the Userid and Password.
     local fields = self.tn3270:writeable() -- Get the writeable field areas
-    local user_loc = {fields[1][1],user}   -- This is the 'UserID:' field
-    local pass_loc = {fields[3][1],pass}   -- This is the 'Password:' field ([2] is a group ID)
-    stdnse.verbose('Trying CICS: ' .. user ..' : ' .. pass)
+    local user_loc = {fields[2][1],user}   -- This is the 'UserID:' field
+    local pass_loc = {fields[4][1],pass}   -- This is the 'Password:' field ([2] is a group ID)
+    stdnse.verbose('[BRUTE] Trying CICS: ' .. user ..' : ' .. pass)
+    stdnse.debug(3,"[BRUTE] Location:" .. fields[2][1] .. " x " .. fields[4][1])
     self.tn3270:send_locations({user_loc,pass_loc})
     self.tn3270:get_all_data()
     stdnse.debug(2,"Screen Received for User ID: %s/%s", user, pass)
@@ -194,6 +197,7 @@ Driver = {
 local function cics_test( host, port, commands )
   stdnse.verbose(2,"Checking for CICS Login Page")
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   local status, err = tn:initiate(host,port)
   local cesl = false -- initially we're not at CICS
   if not status then

scripts/cics-user-enum.nse

@@ -37,6 +37,7 @@ CICS User ID enumeration script for the CESL/CESN Login screen.
 -- @changelog
 -- 2016-08-29 - v0.1 - created by Soldier of Fortran
 -- 2016-12-19 - v0.2 - Added RACF support
+-- 2019-02-01 - v0.3 - Disabled TN3270E support
 --
 -- @author Philip Young
 -- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html
@@ -56,6 +57,7 @@ Driver = {
     o.port = port
     o.options = options
     o.tn3270 = tn3270.Telnet:new()
+    o.tn3270:disable_tn3270e()
     return o
   end,
   connect = function( self )
@@ -108,8 +110,8 @@ Driver = {
     end
     -- At this point we MUST be at CESL/CESN to try accounts.
     -- If we're not then we quit with an error
-    if not (self.tn3270:find('SIGN ON TO CICS') or self.tn3270:find("Signon to CICS")) then
-    local err = brute.Error:new( "Can't get to Transaction")
+    if not (self.tn3270:find('Type your userid and password')) then
+    local err = brute.Error:new( "Can't get to Transaction CESN")
       err:setRetry( true )
       return false, err
     end
@@ -158,6 +160,7 @@ Driver = {
 local function cics_test( host, port, commands, transaction )
   stdnse.verbose(2,"Checking for CICS Login Page")
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   local status, err = tn:initiate(host,port)
   local cesl = false -- initially we're not at CICS
   if not status then
@@ -176,7 +179,7 @@ local function cics_test( host, port, commands, transaction )
   tn:get_all_data()
   tn:get_screen_debug(2) -- for debug purposes
   -- We should now be at CICS. Check if we're already at the logon screen
-  if tn:find('SIGN ON TO CICS') and tn:find("Signon to CICS") then
+  if tn:find('Type your userid and password') then
     stdnse.verbose(2,"At CICS Login Transaction")
     tn:disconnect()
     return true

scripts/tn3270-screen.nse

@@ -44,13 +44,15 @@ Hidden fields will be listed below the screen with (row, col) coordinates.
 --
 -- @args tn3270-screen.commands a semi-colon separated list of commands you want to
 --                       issue before printing the screen
---       tn3270-screen.lu a logical unit you with to use fails if can't connect
+--       tn3270-screen.lu specify a logical unit you with to use, fails if can't connect
+--       tn3270-screen.disable_tn3270e disables TN3270 Enhanced mode
 --
 --
 -- @changelog
 -- 2015-05-30 - v0.1 - created by Soldier of Fortran
 -- 2015-11-14 - v0.2 - added commands argument
 -- 2018-09-07 - v0.3 - added support for Logical Units
+-- 2019-02-01 - v0.4 - Added ability to disable TN3270E mode
 --
 
 author = "Philip Young aka Soldier of Fortran"
@@ -67,12 +69,17 @@ local hidden_field_mt = {
 
 action = function(host, port)
   local commands = stdnse.get_script_args(SCRIPT_NAME .. '.commands')
+  local disable_tn3270e = stdnse.get_script_args(SCRIPT_NAME .. '.disable_tn3270e') or false
   local lu = stdnse.get_script_args(SCRIPT_NAME .. '.lu')
   local t = tn3270.Telnet:new()
-  if lu then
+  if lu and not disable_tn3270e then
     stdnse.debug("Setting LU: %s", lu)
     t:set_lu(lu)
   end
+   
+  if disable_tn3270e then
+      t:disable_tn3270e()
+  end
   local status, err = t:initiate(host,port)
   if not status then
     stdnse.debug("Could not initiate TN3270: %s", err )
@@ -107,7 +114,9 @@ action = function(host, port)
     local out = stdnse.output_table()
     out.screen = t:get_screen()
     out["hidden fields"] = hidden
-    out["logical unit"]= t:get_lu()
+    if not disable_tn3270e then 
+      out["logical unit"]= t:get_lu()
+    end
     return out
   end
 end

scripts/tso-brute.nse

@@ -75,6 +75,7 @@ Driver = {
     o.port = port
     o.options = options
     o.tn3270 = tn3270.Telnet:new(brute.new_socket())
+    o.tn3270:disable_tn3270e()
     return o
   end,
   connect = function( self )
@@ -228,6 +229,7 @@ Driver = {
 local function tso_test( host, port, commands )
   stdnse.debug("Checking for TSO")
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   local status, err = tn:initiate(host,port)
   local tso = false -- initially we're not at TSO logon panel
   local secprod = "RACF"
@@ -259,7 +261,7 @@ local function tso_test( host, port, commands )
   end
   tn:send_pf(3)
   tn:disconnect()
-  return tso, secprod, "Could not get to TSO. Try --script-args=tso-enum.commands='logon applid(tso)'. Aborting."
+  return tso, secprod, "Could not get to TSO. Try --script-args=tso-brute.commands='logon applid(tso)'. Aborting."
 end
 
 --- Tests the target to see if we can speed up brute forcing
@@ -274,6 +276,7 @@ end
 local function tso_skip( host, port, commands )
   stdnse.debug("Checking for IKJ56700A message skip")
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   stdnse.debug2("Connecting TN3270 to %s:%s", host.targetname or host.ip, port.number)
   local status, err = tn:initiate(host,port)
   stdnse.debug2("Displaying initial TN3270 Screen:")

scripts/tso-enum.nse

@@ -57,6 +57,7 @@ TSO user IDs have the following rules:
 -- 2015-10-30 - v0.2 - streamlined the code, relying on brute and unpwdb and
 --                     renamed to tso-enum.
 -- 2017-1-13  - v0.3 - Fixed 'data' bug and added options checking to speedup
+-- 2019-02-01 - v0.4 - Disabled TN3270 Enhanced support and fixed debug errors
 
 
 author = "Philip Young aka Soldier of Fortran"
@@ -74,6 +75,7 @@ Driver = {
     o.port = port
     o.options = options
     o.tn3270 = tn3270.Telnet:new()
+    o.tn3270:disable_tn3270e()
     return o
   end,
   connect = function( self )
@@ -165,6 +167,7 @@ Driver = {
 local function tso_test( host, port, commands )
   stdnse.debug("Checking for TSO")
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   local status, err = tn:initiate(host,port)
   local tso = false -- initially we're not at TSO logon panel
   local secprod = "RACF"
@@ -211,6 +214,7 @@ end
 local function tso_skip( host, port, commands )
   stdnse.debug("Checking for IKJ56700A message skip")
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   stdnse.debug2("Connecting TN3270 to %s:%s", host.targetname or host.ip, port.number)
   local status, err = tn:initiate(host,port)
   stdnse.debug2("Displaying initial TN3270 Screen:")

scripts/vtam-enum.nse

@@ -57,7 +57,7 @@ found for application IDs.
 -- 2015-11-14 - v0.3 - rewrote iterator
 -- 2017-01-13 - v0.4 - Fixed 'macros' bug with default vtam screen and test
 --                     and added threshold for macros screen checking
---
+-- 2019-02-01 - v0.5 - Disabling Enhanced mode
 
 author = "Philip Young aka Soldier of Fortran"
 license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
@@ -104,6 +104,7 @@ Driver = {
     o.port = port
     o.options = options
     o.tn3270 = tn3270.Telnet:new()
+    o.tn3270:disable_tn3270e()
     return o
   end,
   connect = function( self )
@@ -181,6 +182,7 @@ Driver = {
 -- @return status true on success, false on failure
 local function vtam_test( host, port, commands, macros)
   local tn = tn3270.Telnet:new()
+  tn:disable_tn3270e()
   local status, err = tn:initiate(host,port)
   stdnse.debug1("Testing if VTAM and 'logon applid' command supported")
   stdnse.debug2("Connecting TN3270 to %s:%s", host.targetname or host.ip, port.number)