Nmap Development mailing list archives
Getting system time from SMB (445 or 139)
From: Ron <ron () skullsecurity net>
Date: Fri, 22 Aug 2008 21:06:07 -0500
Hey guys, Has anybody written something to pull information from the reply to the initial SMB packet (raw or over NetBIOS) (NEGOTIATE PROTOCOL RESPONSE)? Some things it contains: - System's time - System's timezone offset - Highest SMB version supported - Security mode (which type of login it supports) I think the most useful would be the system's time/timezone offset, it's a high resolution timer (1/10 microseconds since 1601). It's pretty simple to ask the server for that stuff, it's a single static packet on TCP/445 (or two on TCP/139). If nobody's written it yet, I'm willing to take the initiative. If I do that, can somebody tell me how it would best be done (I'm guessing a nse script, but should I create one from scratch or glue this onto another?) Thanks! Ron Bowes _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Getting system time from SMB (445 or 139) Ron (Aug 22)
- Re: Getting system time from SMB (445 or 139) Brandon Enright (Aug 22)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 22)
- Re: Getting system time from SMB (445 or 139) Brandon Enright (Aug 22)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 22)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 22)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 23)
- Re: Getting system time from SMB (445 or 139) Brandon Enright (Aug 22)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 23)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 23)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 23)
- Re: Getting system time from SMB (445 or 139) Ron (Aug 22)
- Re: Getting system time from SMB (445 or 139) Brandon Enright (Aug 22)