[NSE] Recent additions

["Philip Pickering" <pgpickering () gmail com>]

Hi,

a few new features have been added to the NSE in the last few days.
They are in the svn version, please test them and comment.

* the binlib, see [1]
* the hashlib, see below
* the SNMP library, see [2]
* the base64 library, see below
* the POP3 library

_hashlib_

Four functions have been added to NSE:
* hash.md5(data)
* hash.sha1(data)
* hash.md5bin(data)
* hash.sha1bin(data)

The first two provide the digest as a hex string, the bin-versions
return the raw data.
It's independent of openssl being present.


_Base 64 library_

Is located in base64.lua and features two functions:

* base64.enc(data) encodes a given string,
* base64.dec(b64data) decodes it


_POP3 library_

The capabilities function was already presented in [3].
The library now features functions for several login methods:
* login_user (...)
* login_apop (...)
* login_sasl_plain (...)
* login_sasl_login (...)
* login_sasl_crammd5 (...)

Each function takes three arguments, for example
login_user(socket, user, pw), except login_apop which
takes a fourth containing the server challenge necessary
for APOP authentication. They expect to be called at the
beginning of a POP3 session , right after the server greeting.

They return a boolean for success notification and an
error code (see err table in pop3.lua).

brutePOP3.nse demonstrates an example usage.


_Scripts_
Other newly added scripts include a modified version of
Thomas Buchanan's SNMPsysdesr.nse using the SNMP
library and SNMPcommunitybrute.nse trying to guess
the community string.

[1] http://nmap.org/book/nse-library.html#nse-binlib
[2] http://seclists.org/nmap-dev/2008/q3/0032.html
[3] http://seclists.org/nmap-dev/2008/q2/0787.html

cheers,
Philip

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org