Nmap Development mailing list archives

Re: [NSE] CICS fixes and new script


From: Phil <mainframed767 () gmail com>
Date: Wed, 1 Feb 2017 17:58:47 -0800

Hi All, 

I’ve also added a new script called ‘cics-info’ which can use the CEMT CICS transaction ID to profile the system.
Example output:

PORT   STATE SERVICE VERSION
23/tcp open  tn3270  IBM Telnet TN3270 (TN3270E)
 | cics-info:
 |   Security: Disabled
 |   z/OS Version: 02.01.00
 |   CICS Version: 05.02.00
 |   System ID: CICS
 |   Application ID: CICSFAKE
 |   Default User: USERCICS
 |   Transaction / Program:
 |     AADD / DFH$AALL
 |     ABRW / DFH$ABRW
 |     AINQ / DFH$AALL
 |     AMNU / DFH$AMNU
 |     AORD / DFH$AREN
 |     AORQ / DFH$ACOM
 |     AREP / DFH$AREP
 |     AUPD / DFH$AALL
 |     CADP / DFHDPLU
 ...
 |     CEDX / DFHEDFP
 |     CEGN / DFHCEGN
 |     CEHP / DFHCHS
 |     CEHS / DFHCHS
 |     CEJR / DFHEJITL
 |     CEMN / DFHCEMNA
 |     CEMT / DFHEMTP
 |     CEOT / DFHEOTP
 |     CXRT / DFHCRT
 |     DSNC / DFHD2CM1
 |   Users:
 |     USERCICS
 |   Libraries:
 |     HLQ123.CICS.SDFHLOAD
 |   Datasets:
 |     CICS.FILEA
 |     HLQ123.CICS.DFHCSD
 |_    HLQ123.CICS.DFHLRQ


On Jan 30, 2017, at 4:09 PM, Phil Young <mainframed767 () gmail com> wrote:

Hi All, 

I've just created the following pull request: https://github.com/nmap/nmap/pull/671 
This pull request adds/fixes the following:

cics-enum: support for testing transaction IDs with a valid username/password (transaction IDs that need auth can now be discovered)

cics-user-enum: added support for RACF messages and other fixes

New cics-user-brute: a new script for brute forcing CICS user IDs


-- 
Soldier of Fortran
@mainframed767

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
