Nmap Development mailing list archives

Wai Tuck's GSOC status report #14 of 17


From: Wong Wai Tuck <wongwaituck () gmail com>
Date: Tue, 15 Aug 2017 09:35:07 +0000

After a long struggle, I have finally completed the smb-smbloris script, but
it suffers from quite a number of limitations, which I will be discussing
with George later!

Accomplishments
- Completed smb-smbloris, but suffers from a disappearing sockets problem
that I hope to discuss with my mentor!
- Finished the first iteration for pwdprofiling - I have augmented
unpwdb.lua to allow scripts to add words and even phrases to the database
(which can be used for bruteforcing both passwords and usernames later).
The words are filtered for common meaningless English words (e.g. the, a)
and the remaining unique words will become candidates for
username/passwords for later on in the scan, allowing the brute scripts to
use information from scanning of one host (e.g. the Workgroup name of a
Windows host) as potential username/password candidates for a different
host (e.g. one running Linux). I have tested the library with improvements
to ssh-brute and smb-os-discovery and it is working well :)

Priorities
- Discuss with mentor about smbloris script
- Implement specificity options for using information collected by
password profiling scripts (e.g. per host basis, per subnet basis)
- Look through scripts and augment candidate scripts with the same
capabilities for password profiling (i.e. scripts that collect information)
- Work on password mangling library

That's it for now!

Wai Tuck
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
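The word-collection step described in the report (gather words seen while scanning, drop common meaningless English words, keep each unique word once as a later username/password candidate) as a small added illustration in Lua, the language of NSE scripts. This is not the pwdprofiling code or the unpwdb.lua changes from the report; the STOPWORDS list, the `add_words` function and the sample strings are all assumptions constructed for the example.

```lua
-- Added illustration, not the report's pwdprofiling library: collect words
-- seen during a scan, drop common English stop words, and keep each unique
-- word once as a username/password candidate. All names are assumptions.

-- Minimal stop word list (assumed; the real library's list is not shown here).
local STOPWORDS = {}
for _, w in ipairs({ "the", "a", "an", "and", "or", "of", "to", "in", "is", "for" }) do
  STOPWORDS[w] = true
end

-- Candidate store: an ordered list for later consumers plus a set used for
-- O(1) de-duplication, so a word seen on several hosts is stored only once.
local candidates = { list = {}, seen = {} }

-- Add every useful word from a free-text field (e.g. a workgroup name or a
-- service banner) to the store. Returns the number of newly added words.
local function add_words(store, text)
  local added = 0
  for word in text:gmatch("[%w%-_]+") do
    local key = word:lower()            -- compare case-insensitively
    if #key >= 3 and not STOPWORDS[key] and not store.seen[key] then
      store.seen[key] = true
      store.list[#store.list + 1] = word -- keep original casing as the candidate
      added = added + 1
    end
  end
  return added
end

-- Constructed sample data standing in for fields a discovery script might
-- return from two different hosts.
add_words(candidates, "Workgroup: CORPDOMAIN")
add_words(candidates, "Welcome to the ACME Finance file server")
add_words(candidates, "ACME Finance backup of the HR share")

-- Print the de-duplicated, stop-word-free candidate list.
for i, w in ipairs(candidates.list) do
  print(i, w)
end
```

With the constructed inputs above, "the", "to" and "of" are dropped by the stop word list, the two-letter "HR" is dropped by the length check, and the repeated "ACME" and "Finance" appear only once, leaving CORPDOMAIN, Workgroup, Welcome, ACME, Finance, file, server, backup and share as candidates.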
