Re: NSE script for OS identification / clarification using Netbios/SMB

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 28 Nov 2007 14:12:57 -0800
Fyodor <fyodor () insecure org> wrote:

> On Wed, Nov 28, 2007 at 02:30:19PM -0500, Matthew Watchinski wrote:
> > The attached script written by Judy Novak, utilizes Netbios requests and
> > SMB AndX responses to help determine the OS and clarify the OS running
> > on a host that has Netbios and SMB running.  This can be helpful if OS
> > identification returns multiple possible fingerprints for a given
> > windows system.
>
> Thanks Matt, this looks great.  It worked against a Linux box running
> Samba which I tested it against:
>
> Host flog (127.0.0.1) appears to be up ... good.
> Interesting ports on flog (127.0.0.1):
> PORT    STATE         SERVICE
> 139/tcp open          netbios-ssn
> 137/udp open|filtered netbios-ns
>
> Host script results:
> |_ Discover OS Version over NetBIOS and SMB: Unix
>
> I have checked it into SVN for the next release.  We are now up to 40
> NSE scripts shipping with Nmap.
>
> Cheers,
> -F

Cool.  This script is a prime candidate for replacing my nbstat.nse
script.  It would be nice to get all of the NetBIOS and SMB functions all
in one place (a library?) so that scripts like this or mine are as simple
and calling functions to generate the packet, send, and parse it.

Both Nessus and Metasploit have libraries like this that make writing
arbitrary Windows scripts much easier.

Thoughts?

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHThoVqaGPzAsl94IRAvybAJ4qSGpypvUrOjYyIEctyYucS+REfgCeMY0Z
+niVTb6/UcKNrDtvquL1JTc=
=1KsJ
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org