Nmap Development mailing list archives
Re: [NSE] SMB2/SMB3 library and scripts smb-protocols, smb2-capabilities and smb2-security-mode
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 10 Jul 2017 14:12:42 -0500
Paulino,

I can't wait to see this in Nmap proper! Would you mind opening a pull request on Github so that we can do code review there? I find it much easier than via email, especially since I can just grab the patch with:

curl -L https://github.com/nmap/nmap/pulls/###.patch

Dan

On Sat, Jul 8, 2017 at 3:45 PM, Paulino Calderon <paulino () calderonpale com> wrote:
Hi list,

I've been working on the NSE library for handling SMB2/SMB3 packets and although it is still a work in progress, there are some modules ready! Besides a new version of smb.lua and obviously smb2.lua, I'm attaching some new scripts:

* smb-protocols: Lists supported SMB1/SMB2/SMB3 protocols and dialects
* smb2-capabilities: Lists the capabilities of SMB2/SMB3 servers
* smb2-security-mode: Reads the message signing configuration in SMB2/SMB3 servers.

My plan is to keep implementing all missing features as I go adding SMB2/SMB3 support to our existing SMB scripts. As this can take me some time, I'm planning on merging these new changes in the coming days if feedback does not bring up any important issues.

I've tested this against all modern versions of Windows and Samba but I've found there are some strange implementations out there! Any comments or bug reports are greatly appreciated!

smb-protocols.nse
==============

description = [[
Attempts to list the supported protocols and dialects of a SMB server.

The script attempts to initiate a connection using the dialects:
* NT LM 0.12 (SMBv1)
* 2.02 (SMBv2)
* 2.10 (SMBv2)
* 3.00 (SMBv3)
* 3.02 (SMBv3)
* 3.11 (SMBv3)

Additionally if SMBv1 is found enabled, it will mark it as insecure.
]]

---
-- @usage nmap -p445 --script smb-protocols <target>
-- @usage nmap -p139 --script smb-protocols <target>
--
-- @output
-- | smb-protocols:
-- |   dialects:
-- |     NT LM 0.12 (SMBv1) [dangerous, but default]
-- |     2.02
-- |     2.10
-- |     3.00
-- |     3.02
-- |_    3.11

smb2-capabilities.nse
=================

description = [[
Attempts to list the supported capabilities in a SMBv2 server for each enabled dialect.

The script sends a SMB2_COM_NEGOTIATE command and parses the response using the SMB dialects:
* 2.02
* 2.10
* 3.00
* 3.02
* 3.11

References:
* https://msdn.microsoft.com/en-us/library/cc246561.aspx
]]

---
-- @usage nmap -p 445 --script smb2-capabilities <target>
-- @usage nmap -p 139 --script smb2-capabilities <target>
--
-- @output
-- | smb2-capabilities:
-- |   2.02:
-- |     Distributed File System
-- |   2.10:
-- |     Distributed File System
-- |     Leasing
-- |     Multi-credit operations

smb2-security-mode.nse
=================

description = [[
Determines the message signing configuration in SMBv2 servers for all supported dialects.

The script sends a SMB2_COM_NEGOTIATE request for each SMB2/SMB3 dialect and parses the security mode field to determine the message signing configuration of the SMB server.

References:
* https://msdn.microsoft.com/en-us/library/cc246561.aspx
]]

---
-- @usage nmap -p 445 --script smb2-security-mode <target>
-- @usage nmap -p 139 --script smb2-security-mode <target>
--
-- @output
-- | smb2-security-mode:
-- |   3.11:
-- |_    Message signing enabled but not required

Links
======

smb2.lua: https://github.com/cldrn/nmap/blob/smbv2/nselib/smb2.lua
smb.lua: https://github.com/cldrn/nmap/blob/smbv2/nselib/smb.lua
smb-protocols: https://github.com/cldrn/nmap/blob/smbv2/scripts/smb-protocols.nse
smb2-capabilities: https://github.com/cldrn/nmap/blob/smbv2/scripts/smb2-capabilities.nse
smb2-security-mode: https://github.com/cldrn/nmap/blob/smbv2/scripts/smb2-security-mode.nse
smb2 branch: https://github.com/cldrn/nmap/tree/smbv2

Paulino Calderon Pale || @calderpwn on Twitter || http://www.calderonpale.com

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
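The parsing step that the smb2-security-mode and smb2-capabilities descriptions above refer to, as an added example that is not part of the original thread and is not code from smb2.lua. It assumes the MS-SMB2 field layout of the NEGOTIATE response with the 4-byte transport length prefix already stripped; the function names are hypothetical, and the signing and capability labels other than the ones shown in the quoted script output are this example's own wording.

```python
import struct

# Layouts per MS-SMB2 (assumed here): 64-byte packet header, then the
# 64-byte fixed part of the NEGOTIATE response, all fields little-endian.
SMB2_HEADER = struct.Struct("<4sHHIHHIIQIIQ16s")
NEGOTIATE_RESP = struct.Struct("<HHHH16sIIIIQQHHI")
SIGNING_ENABLED, SIGNING_REQUIRED = 0x0001, 0x0002
DIALECTS = {0x0202: "2.02", 0x0210: "2.10", 0x0300: "3.00",
            0x0302: "3.02", 0x0311: "3.11"}
CAPABILITIES = [(0x01, "Distributed File System"), (0x02, "Leasing"),
                (0x04, "Multi-credit operations"), (0x08, "Multi-channel"),
                (0x10, "Persistent handles"), (0x20, "Directory leasing"),
                (0x40, "Encryption")]

def parse_negotiate_response(packet):
    """Return dialect, signing state and capabilities from one response."""
    if len(packet) < SMB2_HEADER.size + NEGOTIATE_RESP.size:
        raise ValueError("truncated SMB2 NEGOTIATE response")
    header = SMB2_HEADER.unpack_from(packet, 0)
    magic, status, command = header[0], header[3], header[4]
    if magic != b"\xfeSMB" or command != 0x0000:
        raise ValueError("not an SMB2 NEGOTIATE response")
    if status != 0:  # the server did not accept the offered dialect
        raise ValueError("negotiation failed, status 0x%08x" % status)
    body = NEGOTIATE_RESP.unpack_from(packet, SMB2_HEADER.size)
    security_mode, dialect, capabilities = body[1], body[2], body[5]
    if security_mode & SIGNING_REQUIRED:
        signing = "Message signing enabled and required"
    elif security_mode & SIGNING_ENABLED:
        signing = "Message signing enabled but not required"
    else:
        signing = "Message signing disabled"
    return {
        "dialect": DIALECTS.get(dialect, "unknown (0x%04x)" % dialect),
        "signing": signing,
        "capabilities": [name for bit, name in CAPABILITIES if capabilities & bit],
    }

def build_sample(dialect, security_mode, capabilities, status=0):
    """Constructed response bytes for offline testing, not a capture."""
    header = SMB2_HEADER.pack(b"\xfeSMB", 64, 0, status, 0, 1, 0x1,
                              0, 0, 0, 0, 0, bytes(16))
    body = NEGOTIATE_RESP.pack(65, security_mode, dialect, 0, bytes(16),
                               capabilities, 65536, 65536, 65536, 0, 0, 128, 0, 0)
    return header + body

if __name__ == "__main__":
    print(parse_negotiate_response(build_sample(0x0210, 0x0001, 0x07)))
```

A server whose result is anything other than "enabled and required" accepts unsigned SMB2 sessions, which is the finding the signing check exists to surface.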