Re: [NSE patch]

[Fyodor <fyodor () insecure org>]

On Mon, Aug 25, 2008 at 05:35:51PM -0500, Ron wrote:
> Hey,
>
> I posted this to the list on the weekend, but it was buried in a
> conversation with myself and wasn't clear that it was finished, so I
> thought it best to start a new thread.

Hi Ron.  Thanks for the reminder.  I tested this against my Windows XP
SP2 box and it worked well:

Host script results:
|  Discover OS Version over NetBIOS and SMB: Windows XP
|_ Discover system time over SMB: 2008-08-25 19:52:20 UTC-7

One problem is that when I use this in combination with version
detection, the NSE script fails to get results:

./nmap -sV --script scripts/netbios-smb-os-discovery.nse 192.168.0.4
[...]
PORT    STATE SERVICE      VERSION
135/tcp open  msrpc        Microsoft Windows RPC
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds Microsoft Windows XP microsoft-ds
MAC Address: 00:0C:29:FA:6E:BD (VMware)
Service Info: OS: Windows

Host script results:
|  Discover OS Version over NetBIOS and SMB: OS version cannot be determined.
|_ Never received a response to SMB Setup AndX Request
|  Discover OS Version over NetBIOS and SMB: Windows XP
|_ Discover system time over SMB: 2008-08-25 19:56:53 UTC-7

I found that this problem occurs with the previous version too, so it
isn't caused by your changes.

I'm a little surprised that (when working) it doesn't provide the
machine's SMB computer name and workgroup.  Should it?

In any case, it seems to be an improvement and so I've checked it in.
My only change is that I removed the verbosity conditional for system
time.  I think that information is useful enough to print in any case.
And its only one line.

I'm a little surprised that it didn't provide the NetBIOS name and
workgroup, but maybe there is a good reason for that.

Thanks for making the improvements!

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org