Removed some non-ANSI-C strftime format strings ("%F") and
locale-dependent formats ("%c") from NSE scripts and libraries.
C99-specified %F was noticed by Alex Weber
(http://seclists.org/nmap-dev/2013/q2/300)
This involves some reordering and renaming of fields from the previous
output, but hopefully more readable (less vertical whitespace). This
commit depends on the changes to stdnse.output_table to ignore assigning
new keys to nil and to use the __call metamethod to mean has_contents()
Also fixed some spelling and documentation issues.
Script now notifies if proxy is 1. open, 2. redirecting, or 3. allowing
SOCKS clients but not matching expected patterns.
socks-open-proxy was sending requests like this:
GET http://www.google.com HTTP/1.0
Host: www.google.com
Which is appropriate for HTTP proxies, but not for SOCKS. Changed to
more appropriate "GET / HTTP/1.0" and it works.
Discussion thread: http://seclists.org/nmap-dev/2013/q2/121
Existing behavior preserved and preferred, but absolute and local paths
should also work now. Notably, smb-psexec's locate_file function claimed
to check current directory but did not.
http://seclists.org/nmap-dev/2013/q2/101
- Changed line termination from \r\0 to \r\n.
- Changed response to the telnet server ECHO "will" / "will not" from
outright "do not" to an agreement with whatever the server proposes
to make the script work with some daemons.
- Removed use of receive_lines(), which was causing either time-outs or
unnecessary connection tear-downs due to waiting on a line
termination. This change improved the script success rate and/or
performance (5x in some cases).
- Exposed the connection time-out value as a configurable parameter
(telnet-brute.timeout). It defaults to 5s.
- Improved handling of connection errors, which were occassionally
causing credential combinations to be skipped.
- Updated the logged-in status detection logic to make the script work
with some daemons.
- Avoided overlapping connections to make the script work with daemons
that allow only one connection at a time.
- Replaced a locally defined routine with stdnse.string_or_blank() for
printing out credentials. Changed printing of tested credentials in
the debug output to be consistent with script results.
- Script will now report if it senses password-only authentication.
- Implemented detailed debug messages (e.g. "Sending password") at
debug level 3 (configurable).
- Expanded the script documentation.
Added 2 args:
banner.timeout is a timespec for how long to wait for output. Default is
still 5s.
banner.ports is a ports list for limiting which ports to connect to. The
default is still all ports, but using banner.ports=common will limit to
some common ports that always return a banner.
Originally committed by dmiller but recommitted by david after recovery
from backup.
Similar changes to r30653, but may break compatibility with people using
integer millisecond values, which are now treated as number of seconds.
To get same behavior, use ms after number, e.g. 5000 becomes 5000ms or
5s
Many scripts were documented as using timespecs (10s, 5000ms, etc) for
timeout script-args, but one 1 or 2 actually did. Now all timeout
script-args will accept timespecs, except those which took a number of
milliseconds, which remain unchanged.
Also fixed some documentation issues (missing script name in arg
description, missing nsedoc for args, etc)
