Nmap Development mailing list archives

Re: [NSE] Patch for duplicate in smb.lua's default shares list


From: Chris Woodbury <chris3e3 () gmail com>
Date: Fri, 4 Feb 2011 14:44:38 -0600

Great. Those two were also from just some informal analysis. It would
be an interesting project sometime to look at the results from a large
amount of credentialed scanning and see what the most common share
names are, and whether there are any we're still missing.

-chris

On Thu, Feb 3, 2011 at 3:31 PM, Ron <ron () skullsecurity net> wrote:
Sure, the list of shares we used were just things we thought of - there's no statistics to support the shares we chose being the "best".

On Thu, 3 Feb 2011 15:24:34 -0600 Chris Woodbury <chris3e3 () gmail com> wrote:
You probably had a good reason, which we'll probably find out about
once the list gets a "SMB default share scanning causes XYZ problem"
email ;-)

On a serious note, at the suggestion of one of my colleagues, can we
also add "TEMP" and "SHARE" (in addition to the existing "SHARED") to
the list?

-chris

On Thu, Feb 3, 2011 at 11:14 AM, Ron <ron () skullsecurity net> wrote:
On Mon, 31 Jan 2011 15:34:37 -0600 Chris Woodbury
<chris3e3 () gmail com> wrote:
The default list of shares to look for (line 2783) has "BACKUP"
listed twice. I've attached a patch[1] with the duplicate removed
and the share names listed alphabetically to make this easier to
avoid in the future.

While I was looking at the functionality, I wondered whether it
would be worthwhile to check for most of those share names as
hidden shares (i.e. with a trailing '$') as well. I've attached
another patch[2] that takes the list of shares from [1] (with
hidden shares removed), adds the alphabet shares, and then goes
through the list, adding a hidden share for each.

[1] smb_sharenames1.patch
[2] smb_sharenames2.patch

I think it's a good idea, trying everything as hidden. Honestly, I
forget why I didn't do that in the first place.

Ron
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
