Nmap Development mailing list archives
Trouble running smb-psexec.nse (NT_STATUS_INVALID_PARAMETER)
From: David Fifield <david () bamsoftware com>
Date: Fri, 12 Feb 2010 13:39:00 -0700
I'm having trouble running smb-psexec.nse. I'm getting this error message: $ nmap --script=smb-psexec --script-args smbuser=jrandom,smbpass=jrandom -p 445 -PN 192.168.0.190 -d NSE: SMB: Attempting to log into the system to enumerate shares NSE: SMB: Added account '' to account list NSE: SMB: Added account 'guest' to account list NSE: SMB: Added account 'jrandom' to account list NSE: SMB: Found 8 shares, will attempt to find more information NSE: SMB: Trying a random share to see if server responds properly: nmap-share-test NSE: SMB: Getting information for share: ADMIN$ NSE: SMB: Checking if share ADMIN$ can be read by the current user NSE: SMB: Checking if share ADMIN$ can be read by the anonymous user NSE: SMB: Checking if share ADMIN$ can be written by the current user NSE: SMB: Checking if share ADMIN$ can be written by the anonymous user NSE: SMB: Getting information for share: C$ NSE: SMB: Checking if share C$ can be read by the current user NSE: SMB: Checking if share C$ can be read by the anonymous user NSE: SMB: Checking if share C$ can be written by the current user NSE: SMB: Checking if share C$ can be written by the anonymous user NSE: SMB: Getting information for share: IPC$ NSE: SMB: Checking if share IPC$ can be read by the current user NSE: SMB: Checking if share IPC$ can be read by the anonymous user NSE: SMB: Checking if share IPC$ can be written by the current user NSE: SMB: Checking if share IPC$ can be written by the anonymous user NSE: SMB: Getting information for share: My Pictures NSE: SMB: Checking if share My Pictures can be read by the current user NSE: SMB: Checking if share My Pictures can be read by the anonymous user NSE: SMB: Checking if share My Pictures can be written by the current user NSE: SMB: Checking if share My Pictures can be written by the anonymous user NSE: SMB: Getting information for share: Printer NSE: SMB: Checking if share Printer can be read by the current user NSE: SMB: Checking if share Printer can be read by the anonymous user NSE: SMB: Checking if share Printer can be written by the current user NSE: SMB: Error while getting share details: Error writing test file to disk as user: NT_STATUS_INVALID_PARAMETER NSE: Finished smb-psexec against 192.168.0.190. Host script results: | smb-psexec: |_ ERROR: Error writing test file to disk as user: NT_STATUS_INVALID_PARAMETER (May not have an administrator account) If I modify smb.share_user_can_write to handle NT_STATUS_INVALID_PARAMETER the same way as NT_STATUS_ACCESS_DENIED, then the check gets past the Printer share and continues running. However it still fails later with NSE: smb-psexec: Entering cleanup() -- errors here can generally be ignored NSE: Stopping service: 1c59e4ba NSE: smb-psexec: [cleanup] Couldn't stop service: NT_STATUS_SERVICE_DOES_NOT_EXIST (svcctl.openservicew) NSE: Deleting service: 1c59e4ba NSE: smb-psexec: [cleanup] Couldn't delete service: NT_STATUS_SERVICE_DOES_NOT_EXIST (svcctl.openservicew) NSE: SMB: Couldn't delete ADMIN$\b3c98143.txt: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete ADMIN$\b3c9b403.out: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete ADMIN$\9b422d27.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete C$\b3c98143.txt: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete C$\b3c9b403.out: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete C$\9b422d27.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete My Pictures\b3c98143.txt: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete My Pictures\b3c9b403.out: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete My Pictures\9b422d27.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete SharedDocs\b3c98143.txt: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete SharedDocs\b3c9b403.out: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete SharedDocs\9b422d27.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete david\b3c98143.txt: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete david\b3c9b403.out: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete david\9b422d27.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete print$\b3c98143.txt: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete print$\b3c9b403.out: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: SMB: Couldn't delete print$\9b422d27.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND NSE: smb-psexec: Leaving cleanup() NSE: Finished smb-psexec against 192.168.0.190. Completed NSE at 13:37, 1.27s elapsed Host script results: | smb-psexec: |_ ERROR: Couldn't upload the service file: Couldn't find the file This is against Windows XP Professional SP3, with the login policy set to "Classic" (not "Guest only"). David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Trouble running smb-psexec.nse (NT_STATUS_INVALID_PARAMETER) David Fifield (Feb 12)
- Re: Trouble running smb-psexec.nse (NT_STATUS_INVALID_PARAMETER) Ron (Feb 12)
- Re: Trouble running smb-psexec.nse (NT_STATUS_INVALID_PARAMETER) David Fifield (Feb 12)
- Re: Trouble running smb-psexec.nse (NT_STATUS_INVALID_PARAMETER) Ron (Feb 12)