Nmap Development mailing list archives
Re: [NSE] msrpc-enum
From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Fri, 31 Aug 2012 12:03:33 +0200
This has been commited in 29702. On 8/24/2012 11:41 AM, Aleksandar Nikolic wrote:
Hi all, I've written a new script which queries MSRPC endpoint mapper and tries to enumerate all registered services and get their details. The script was modeled after dcedump tool from SPIKE fuzzer which was in turn modeled after rpcdump tool from Microsoft. Script uses msrpc lib and works ontop of SMB , which means it supports authentication with usual script arguments (smbuser and smbpassword). Here is the sample output: -- | uuid: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 -- | annotation: DHCP Client LRPC Endpoint -- | ncalrpc: dhcpcsvc -- | -- | uuid: 12345678-1234-abcd-ef00-0123456789ab -- | annotation: IPSec Policy agent endpoint -- | ncalrpc: audit -- | -- | uuid: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 -- | ip_addr: 0.0.0.0 -- | annotation: DHCP Client LRPC Endpoint -- | tcp_port: 49153 -- | -- <snip> -- | -- | uuid: 12345678-1234-abcd-ef00-0123456789ab -- | annotation: IPSec Policy agent endpoint -- | ncalrpc: securityevent -- | -- | uuid: 12345678-1234-abcd-ef00-0123456789ab -- | annotation: IPSec Policy agent endpoint -- |_ ncalrpc: protected_storage The script requires a patch to msrpc lib which adds a few functions related to endpoint mapper. Check it out and tell me what you think, Aleksandar
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] msrpc-enum Aleksandar Nikolic (Aug 24)
- Re: [NSE] msrpc-enum Aleksandar Nikolic (Aug 31)