Nmap Development mailing list archives
Re: Updated SMB scripts
From: Ron <ron () skullsecurity net>
Date: Wed, 24 Dec 2008 14:59:02 -0600
Hi Kris, Kris Katterjohn wrote:
On 12/23/2008 07:24 PM, Ron wrote: Your original scripts used to work quite well for me against Samba (I think you'll find some of my output in the -dev archives), but now all I'm getting is this running from trunk: Host script results: |_ smb-os-discovery: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ smb-enum-processes: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ smb-system-info: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ smb-enum-domains: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ smb-server-stats: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ smb-security-mode: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] | smb-enum-users: | ERROR: Couldn't enumerate through LSA: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ ERROR: Couldn't enumerate through SAMR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] | smb-enum-sessions: | ERROR: Couldn't enumerate login sessions: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ ERROR: Couldn't enumerate network sessions: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ smb-enum-shares: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] |_ smb-check-vulns: MS08-067: ERROR: SMB: ERROR: Ran off the end of SMB packet; likely due to server truncation [13] Thanks, Kris Katterjohn
The old version of this code was a lot more tolerant to servers doing funky things. In this version, I'm checking for things like running off the end of packets (the previous version would just ignore it). That being said, it's easy enough to ignore it in specific places. I committed a change to do so, let me know if it works. Ron -- Ron Bowes http://www.skullsecurity.org/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Updated SMB scripts Ron (Dec 23)
- Re: Updated SMB scripts Kris Katterjohn (Dec 24)
- Re: Updated SMB scripts Ron (Dec 24)
- Re: Updated SMB scripts Kris Katterjohn (Dec 24)
- Re: Updated SMB scripts Ron (Dec 24)
- Re: Updated SMB scripts Ron (Dec 24)
- Re: Updated SMB scripts Kris Katterjohn (Dec 24)
- Re: Updated SMB scripts Ron (Dec 24)
- Re: Updated SMB scripts Ron (Dec 24)
- Re: Updated SMB scripts Kris Katterjohn (Dec 24)
- Re: Updated SMB scripts Ron (Dec 28)
- Re: Updated SMB scripts David Fifield (Dec 28)
- Re: Updated SMB scripts David Fifield (Dec 29)