Nmap Development mailing list archives
Re: [NSE RFC] SMB Probe
From: Kris Katterjohn <katterjohn () gmail com>
Date: Sun, 07 Sep 2008 22:57:29 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ron wrote:
Just to show, it works well for me on my Linux box after turning on Samba: Host script results: | Probe SMB for information: (using port 139): | SMB Security: User-level authentication | SMB Security: Challenge/response passwords supported | SMB Security: Message signing not supported | System time from SMB: 2008-09-07 17:19:46 [UTC-5] | Computer name from SMB: MSHOME\ | OS detection from SMB: Unix | Null sessions enabled |_ Guest account enabledAwesome, I was going to ask somebody to try on Samba! I notice that the domain is populated but the computer isn't ("MSHOME\"), not sure if I'm parsing something incorrectly or if Samba's sending back a blank string. If it's not too much trouble, can you send me a packet capture of the scan? I don't have a Samba server handy.
Samba is probably sending a blank string like it sends all 0s for the MAC address (you can also see a comment in nbstat.nse talking about the latter). Just let me know if I can send you something else to help.
Thanks, Ron
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSMSipf9K37xXYl36AQIpkBAAsKHMApMuW2O6Ox7seC5ySKn1qwOd20WK eSZYDAokOLEEHUAOqWa5zLtBegxmPZINVsytbqa4b0uC80JSOM4x/DLdn0/NybI5 jjDE+ZSrzwTxA6cyN4G8VKdK3fiDEPQltb9I2SiZLQGeeaSYkg2Hjwo6VrGP1a8l YE5XAuySgSEieZ76QBiayqVbt5H3X8vkfaPDSyiCe9DMfsmrcLWhoKFoCMGzPsTN OVommI8nDptKavTkSU/kmI3UP5YVSTEpo84lKJjPOezsmoq43VmyiozStY3dE+rt MWBQ5YMaxPNQm83o6abs3+sgsil9COnu/jrhUGNHF1MsYAbPFq6yGyF5VsrnScD+ C83qrjgpvFYFGdAGQt1tyFoxHT9d7q9vc/SPEN3dMrZBuULN4UW3EkYISt3OWysi PKtv02uCmmGPjo3yDG61C6zOkoH6lK7yTmzAR51/LpDC35Osa5QxNG5vC1T49d7z B77pV4W7yk6N5N5IKuXxKBxfhHARwFztx17uG7mpgmjzi72wLeKoMTM1Yg9DfUGp uJn6FEQWCytzZ6Cr/tCb9BqxzUvhlu1JZOH2Exex1X6itFByQxoZMGOxqWjtCJRV MvueGu6rvHYQDFggvem+HPfupiKPL+o6gICpwI7ruIN/lBF6hCdWJjY0zSr8MOHq U/l2d1g6n3A= =tsis -----END PGP SIGNATURE-----
Attachment:
smb-probe.pcap
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE RFC] SMB Probe Ron (Sep 07)
- Re: [NSE RFC] SMB Probe Kris Katterjohn (Sep 07)
- Re: [NSE RFC] SMB Probe Ron (Sep 07)
- Re: [NSE RFC] SMB Probe Kris Katterjohn (Sep 07)
- Re: [NSE RFC] SMB Probe Ron (Sep 07)
- Message not available
- Message not available
- RE: [NSE RFC] SMB Probe Aaron Leininger (Sep 08)
- RE: [NSE RFC] SMB Probe Aaron Leininger (Sep 08)
- Message not available
- Re: [NSE RFC] SMB Probe Kris Katterjohn (Sep 07)