This case wasn't properly handled. Simply return nil.
It could also return 127.0.0.1 or 127.0.0.0/8 instead
of early exit though I doubt it makes that much sense
for user.
Removed some non-ANSI-C strftime format strings ("%F") and
locale-dependent formats ("%c") from NSE scripts and libraries.
C99-specified %F was noticed by Alex Weber
(http://seclists.org/nmap-dev/2013/q2/300)
This involves some reordering and renaming of fields from the previous
output, but hopefully more readable (less vertical whitespace). This
commit depends on the changes to stdnse.output_table to ignore assigning
new keys to nil and to use the __call metamethod to mean has_contents()
Also fixed some spelling and documentation issues.
Script now notifies if proxy is 1. open, 2. redirecting, or 3. allowing
SOCKS clients but not matching expected patterns.
socks-open-proxy was sending requests like this:
GET http://www.google.com HTTP/1.0
Host: www.google.com
Which is appropriate for HTTP proxies, but not for SOCKS. Changed to
more appropriate "GET / HTTP/1.0" and it works.
Discussion thread: http://seclists.org/nmap-dev/2013/q2/121
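The two commit notes above (the open / redirecting / "SOCKS allowed but unexpected" classification, and the switch from a proxy-style absolute-URI request to a plain "GET / HTTP/1.0") can be seen in one place with a small protocol walk-through. The following is an added example written for this page, not code from the Nmap project or the socks-open-proxy script: it builds a SOCKS4 CONNECT request, checks the 8-byte reply, then shows the origin-form request the script now sends beside the absolute-form request it used to send, and classifies whatever comes back the way the commit note describes. All function names and the sample replies are constructed for the example; the wire format follows the published SOCKS4 specification.

```python
import struct
import ipaddress

# --- SOCKS4 handshake -------------------------------------------------------

def build_socks4_connect(dst_ip: str, dst_port: int, user_id: bytes = b"") -> bytes:
    """SOCKS4 CONNECT: VN=4, CD=1, DSTPORT (2 bytes BE), DSTIP (4 bytes), USERID, NUL."""
    return (b"\x04\x01" + struct.pack(">H", dst_port)
            + ipaddress.IPv4Address(dst_ip).packed + user_id + b"\x00")

def parse_socks4_reply(data: bytes) -> bool:
    """Reply is 8 bytes: VN=0, CD=0x5A means 'request granted', 0x5B..0x5D rejected."""
    if len(data) < 8 or data[0] != 0x00:
        raise ValueError("malformed SOCKS4 reply")
    return data[1] == 0x5A

# --- HTTP request sent through the tunnel -----------------------------------

def absolute_form_request(host: str) -> bytes:
    """What the script used to send: an HTTP-proxy style request with a full URI."""
    return b"GET http://" + host.encode() + b" HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n"

def origin_form_request(host: str) -> bytes:
    """What the script sends now: the tunnel already points at the origin server,
    so the request line carries only the path, like a direct client would send."""
    return b"GET / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n"

# --- Classification of the origin's answer ----------------------------------

def classify_response(raw: bytes) -> str:
    """Map the reply to the three outcomes the commit note lists:
    'open'        -> a 2xx HTTP status came back through the tunnel
    'redirecting' -> a 3xx HTTP status came back (proxy or origin redirects)
    'unexpected'  -> SOCKS accepted the client, but the data matched no HTTP pattern
    """
    status_line = raw.split(b"\r\n", 1)[0]
    parts = status_line.split()
    if len(parts) < 2 or not parts[0].startswith(b"HTTP/") or not parts[1].isdigit():
        return "unexpected"
    code = int(parts[1])
    if 200 <= code < 300:
        return "open"
    if 300 <= code < 400:
        return "redirecting"
    return "unexpected"

# --- Constructed sample replies (not captured traffic) ----------------------

SAMPLE_GRANTED = b"\x00\x5a\x00\x50\x00\x00\x00\x00"
SAMPLE_REJECTED = b"\x00\x5b\x00\x50\x00\x00\x00\x00"
SAMPLE_200 = b"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n<html>"
SAMPLE_302 = b"HTTP/1.1 302 Found\r\nLocation: http://example.invalid/\r\n\r\n"
SAMPLE_SSH = b"SSH-2.0-OpenSSH_example\r\n"

def walk_through(dst_ip: str, dst_port: int, host: str, socks_reply: bytes, http_reply: bytes) -> str:
    """Run the full exchange offline against constructed replies and return the verdict."""
    _request = build_socks4_connect(dst_ip, dst_port)      # would be sent to the proxy
    if not parse_socks4_reply(socks_reply):
        return "socks-rejected"
    _probe = origin_form_request(host)                      # would be sent through the tunnel
    return classify_response(http_reply)

if __name__ == "__main__":
    print(walk_through("93.184.216.34", 80, "www.example.com", SAMPLE_GRANTED, SAMPLE_200))
    print(walk_through("93.184.216.34", 80, "www.example.com", SAMPLE_GRANTED, SAMPLE_302))
    print(walk_through("93.184.216.34", 80, "www.example.com", SAMPLE_GRANTED, SAMPLE_SSH))
    print(walk_through("93.184.216.34", 80, "www.example.com", SAMPLE_REJECTED, SAMPLE_200))
```

The point of the request-line change is visible in the two builders: once a SOCKS tunnel is up, the remote end is the origin server itself, which expects a path in the request line; the absolute-URI form is what an HTTP forward proxy expects, which is why the old probe got odd answers from real SOCKS daemons.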
Existing behavior preserved and preferred, but absolute and local paths
should also work now. Notably, smb-psexec's locate_file function claimed
to check current directory but did not.
http://seclists.org/nmap-dev/2013/q2/101
- Changed line termination from \r\0 to \r\n.
- Changed response to the telnet server ECHO "will" / "will not" from
outright "do not" to an agreement with whatever the server proposes
to make the script work with some daemons.
- Removed use of receive_lines(), which was causing either time-outs or
unnecessary connection tear-downs due to waiting on a line
termination. This change improved the script success rate and/or
performance (5x in some cases).
- Exposed the connection time-out value as a configurable parameter
(telnet-brute.timeout). It defaults to 5s.
- Improved handling of connection errors, which were occasionally
causing credential combinations to be skipped.
- Updated the logged-in status detection logic to make the script work
with some daemons.
- Avoided overlapping connections to make the script work with daemons
that allow only one connection at a time.
- Replaced a locally defined routine with stdnse.string_or_blank() for
printing out credentials. Changed printing of tested credentials in
the debug output to be consistent with script results.
- Script will now report if it senses password-only authentication.
- Implemented detailed debug messages (e.g. "Sending password") at
debug level 3 (configurable).
- Expanded the script documentation.
Added 2 args:
banner.timeout is a timespec for how long to wait for output. Default is
still 5s.
banner.ports is a ports list for limiting which ports to connect to. The
default is still all ports, but using banner.ports=common will limit to
some common ports that always return a banner.
Originally committed by dmiller but recommitted by david after recovery
from backup.