mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00
32 Commits

Author SHA1 Message Date
ron
046c637bb1 Fixed a typo and a circular dependency in smb-check-vulns.nse. 2010-01-04 17:00:40 +00:00
batrick
610bd0a55b Merge from Dependencies branch (nmap-exp/patrick/dependencies)
with modifications from [2].

** Short description from [1] **

I have created a patch to NSE that replaces runlevels with a table of
dependencies that clearly outlines what other scripts the script
depends on. The table is of the form:

dependencies = {"script1", "script2", ...}

Runlevels become an internal representation of the order of scripts
that are generated by the dependencies. Dependencies only enforce
an execution order and not a requirement for execution.

[1] http://seclists.org/nmap-dev/2009/q4/295
[2] http://seclists.org/nmap-dev/2009/q4/446
2009-12-30 02:34:05 +00:00
ron
08da8db7f0 Importing changes from my branch. There are two major updates:
1) I wrote a function that formats output from scripts in a consistent way. Although we haven't really come to a consensus on how it should look yet, it's easy to change when we do.
2) New script: smb-enum-groups.nse. Enumerate the local groups on a system and their membership.
2009-11-20 16:05:06 +00:00
batrick
b356ce2580 Added smb-check-vulns.nse to the vuln category. 2009-10-06 12:04:35 +00:00
ron
32d9c9fe98 Added a check for a SMBv2 vulnerability (CVE-2009-3103) to smb-check-vulns. Due to its nature (it performs a DoS, then checks if the system is still online), the script isn't run by default and requires a special script-arg to work. 2009-09-14 15:23:06 +00:00
ron
8ba83f3460 Cleaned up the output for smb-check-vulns.nse. Messages are no longer displayed by default if a vulnerability (or infection) isn't found. With -v, messages indicating a vulnerability was fixed or malware wasn't found are displayed. With -d, error messages are displayed. 2009-06-09 17:56:41 +00:00
ron
1fbc9e62cf defaulted to basic login for smb-check-vulns (the test infected box I found doesn't like extended logins, not sure whether it's because of Conficker or if it was random chance) 2009-04-17 01:13:57 +00:00
ron
dd9f063b1f Updated Conficker.D-detection code 2009-04-17 01:09:29 +00:00
ron
14f2c0c6db Added experimental checks for Conficker.D/E 2009-04-17 00:34:13 +00:00
ron
80b53d8ffa Fixed a comment -- said 'windows 2003' where it should have been 'windows 2000' 2009-04-03 13:29:04 +00:00
david
7e2b32e6ed Fix an error with smb-check-vulns.nse Conficker error help. I was catching the
error at the wrong level, so not all possible errors were being run through the
help table. Specifically, errors returned by msrpc.start_smb and msrpc.bind, which
included at least NT_STATUS_OBJECT_NAME_NOT_FOUND, didn't get the explanatory
text. I made a mistake in testing the error reporting the first time around.
2009-04-02 17:26:04 +00:00
david
09762c4d85 Add helpful text for the two most common errors seen in the Conficker
check in smb-check-vulns.nse: NT_STATUS_OBJECT_NAME_NOT_FOUND and
NT_STATUS_ACCESS_DENIED. Ron and I found the best explanations for these
that we could. There is another error, NT_STATUS_NOT_SUPPORTED, which is
less common than these but has been observed. We still don't have a clue
as to the cause of that one.
2009-04-02 02:27:47 +00:00
ron
dde55ed602 Added a change to eliminate possible false negatives 2009-04-01 12:23:21 +00:00
ron
f157387be1 Changed message when checks are disabled (it seemed to be confusing people) 2009-04-01 03:31:13 +00:00
ron
cf73d9eb03 Fixed a bug where every host showed up as 'infected'.. oops! 2009-03-31 15:18:03 +00:00
ron
70275c69c3 Fixed a small output bug in smb-check-vulns where it would print 'PATCHED' if an error occurred (in addition to the error message) 2009-03-31 15:04:10 +00:00
ron
f4575514af Updated Conficker detection: change some constants, better error checking for MS08-067 patch (tell the user if the system has a jury-rigged patch instead of a cryptic error) 2009-03-31 14:14:24 +00:00
kris
f6f61ecf83 typos in docs/comments: if->is and alse->false 2009-03-30 20:25:45 +00:00
ron
9948b1d7f4 Print Conficker error messages always 2009-03-30 19:16:55 +00:00
ron
67a6886318 Changed spelling of 'Connficker' to 'Conficker' 2009-03-30 15:24:36 +00:00
ron
9060d2fadd Modified smb-check-vulns.nse to check for Conficker infections. Got permission from authors of simple Conficker scanner (scs.zip) to post this 2009-03-30 14:46:58 +00:00
ron
45744eddc3 Merge in changes from my private branch, primarily smb-brute.nse and smb-pwdump.nse, among other smaller changes. 2009-03-05 02:03:29 +00:00
david
00b65b7768 Remove script args that are inherited from modules from script documentation.
Such args are now included automatically in the generated documentation.
2009-02-05 23:45:12 +00:00
david
81886dc21d Remove id variables from a couple of scripts. 2009-01-26 05:56:49 +00:00
ron
773000b65a Merging changes from my experimental branch; the new versions of these scripts, which have significant changes to their core functionality, managed to hold their own against Brandon's network. More testing would be very helpful, though, especially with credentials (most of Brandon's scans were anonymous). 2008-12-24 00:53:01 +00:00
ron
ea42f39faa Merged in significant changes to Microsoft RPC calls 2008-12-07 16:16:11 +00:00
david
85deff9ede Use a more straightforward return style in script rules. Instead of
	if cond then
		return true
	else
		return false
	end

just do

	return cond
2008-11-18 16:59:09 +00:00
david
dd586b90bd Remove smb-check-vulns.nse from the vuln category, leaving it in intrusive. 2008-11-11 00:48:48 +00:00
david
03c9145785 Take smb-check-vulns.nse out of discovery and put it in vuln. 2008-11-11 00:35:41 +00:00
david
9d97468d48 Update some documentation in smb-check-vulns.nse. 2008-11-10 23:18:20 +00:00
david
65348958eb Rearrange some symbolic constants in smb-check-vulns.nse so as not to confuse
NSEDoc. Also fix a couple of typos.
2008-11-10 21:44:35 +00:00
ron
8e89a0e217 updated scriptdb/CHANGELOG, renamed smb-checkvulns.nse to nse-check-vulns.nse for consistency with the new naming standard 2008-11-10 19:06:50 +00:00