The checks for conficker and ms08_067 check for a specific status code
of 0x00000057, but do so by the name mapping to this value rather than
by value.
The name of this value was change from NT_STATUS_WERR_UNKNOWN_57 to
NT_STATUS_WERR_INVALID_PARAMETER in r24847, breaking these tests because
they were still searching for the "UNKNOWN_57" string.
This error was reported by Kit Peters.
http://seclists.org/nmap-dev/2012/q4/125
commit 5de9e4fa623f88a9b48ef0704244ff843005573a
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sat Oct 6 21:19:08 2012 +0200
Applied patch from Dhiru Kholia adding oracle-brute-stealth and needed changes
reworked the patch slightly and added;
- support for specifying account on command line
- johnfile argument for writing hashes directly to file
As well as being shorter, this prevents connecting using a different
address family (e.g., IPv6 rather than IPv4) compared to doing this:
http.get(host.targetname, port.number)
Patch by John Bond.
http://seclists.org/nmap-dev/2012/q2/637
ssl-enum-ciphers was producing output against non-ssl services, listing
"least strength: strong" when there was no cipher matched. Fixed to
return nil in this case, and to clearly indicate when a protocol is
supported but does not support any of our ciphers (a very unlikely
situation! Had to artificially reduce attempted ciphers to test.)
Was crashing on unparseable dates (example: "2147483647Z"). Now the
exact string is placed in structured output when it cannot be
normalized. Also, the structured-format timestamp is used for Normal
output for consistency; no timezone offset was previously displayed.
The script was checking the returned data, but not the status. When
status is false, data is actually an error message. So in case of a
timeout, the script was receiving nil, "TIMEOUT" and interpreting
"TIMEOUT" as a response from the server. It looked like this:
Discovered open port 1434/udp on 127.0.0.1
NSE: rpc-grind: RPC checking function response data is not RPC.
NSE: Target port 1434 is not a RPC port.
This was reported by Christopher Clements.
http://seclists.org/nmap-dev/2012/q3/685
smb.get_os already returns something that is fairly well structured, so
basically return that. Keep the "os" and "lanmanager" fields separate,
though they are combined as "os (lanmanager)" for normal output. Combine
"time" and "timezone" into a single "date" output.
