Nmap Development mailing list archives
Re: AFP showmount script
From: David Fifield <david () bamsoftware com>
Date: Wed, 20 Jan 2010 14:52:21 -0700
On Wed, Jan 13, 2010 at 10:00:16PM +0100, Patrik Karlsson wrote:
> On 13 jan 2010, at 00.25, David Fifield wrote:
>> On Mon, Jan 04, 2010 at 11:14:27AM +0100, Patrik Karlsson wrote:
>>> Hi,
>>>
>>> I have been working on a new AFP script recently and I'm submitting a first version to the list. It is similar to the nfs-showmount script as it attempts to list publicly shared volumes and their ACLs. I have put all the protocol specific stuff into afp.lua which goes inside the nselibs directory. As always it needs testing and feedback is of course much appreciated.
>>
>> I'm having trouble getting it to work. The debug output shows it is getting a response but it's not appearing in the port table.
>>
>> $ ./nmap --datadir . -p afp -PN 192.168.0.190 --script=afp-showmount -d
>> Starting Nmap 5.10BETA2 ( http://nmap.org ) at 2010-01-12 16:20 MST
>> Initiating NSE at 16:20
>> NSE: NSE Script Threads (1) running:
>> NSE: Starting afp-showmount against 192.168.0.190:548.
>> NSE: Volumes: 1
>> NSE: Volume name: david's Public Folder
>> NSE: Vol_id: 1
>> NSE: Finished afp-showmount against 192.168.0.190:548.
>> Completed NSE at 16:20, 0.04s elapsed
>> NSE: Script Scanning completed.
>> Nmap scan report for 192.168.0.190
>> Host is up, received user-set (0.0038s latency).
>> Scanned at 2010-01-12 16:20:45 MST for 0s
>> PORT    STATE SERVICE REASON
>> 548/tcp open  afp     syn-ack
>>
>> I attached a pcap file in case it helps.
>
> Here's an updated version of the script that addresses the bug where no results would show if a single share was found.
It works for me now.

    548/tcp open  afp     syn-ack
    | afp-showmount:
    |   david's Public Folder
    |     Owner: Search,Read,Write
    |     Group: Search,Read
    |     Everyone: Search,Read
    |_    User: Search,Read

The script and library look to be of high quality as usual and I've committed them in r16521.

I see there are a couple of unused functions in the script, acl_group_to_string and acls_to_string, which appear to be alternate versions of functions that are used. We should keep only one pair, unless there's a good reason to have both.

I have a suggestion for the constants in afp.lua. Use hex literals instead of decimal to make it more clear when a value is a bit flag. In other words, change this:

    EveryoneSearch = 65536,
    EveryoneRead = 131072,
    EveryoneWrite = 262144,

to this:

    EveryoneSearch = 0x10000,
    EveryoneRead = 0x20000,
    EveryoneWrite = 0x40000,

You have this comment at the top of afp.lua:

    -- The library currently has enough functionality to query share names and access controls.
    -- More functionality will be added once more scripts that depend on it are developed.

I think that's a good practice to follow in general for NSE libraries. It's not possible to predict future needs exactly, and it's not good to be stuck with an awkward interface or with a feature that has bugs because there was nothing that used it.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
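The hex-literal suggestion in the message above, as an added example that is not part of the original message and is not the code in afp.lua: with the flags written in hex, decoding an access-rights mask into the Owner/Group/Everyone/User lines the script prints is a plain mask test per flag. Only the three Everyone values come from the message; the Owner, Group and User values, the function name `acls_to_lines` and the sample masks are assumptions made for illustration.

```lua
-- Added illustration, not the code from afp.lua. Needs Lua 5.3+ for "&", "|", "~".
-- Only the Everyone* values come from the message above; the Owner, Group and
-- User values are ASSUMED (one byte per class: Owner, Group, Everyone, User).
local ACLS = {
  OwnerSearch    = 0x00000001, OwnerRead    = 0x00000002, OwnerWrite    = 0x00000004,
  GroupSearch    = 0x00000100, GroupRead    = 0x00000200, GroupWrite    = 0x00000400,
  EveryoneSearch = 0x00010000, EveryoneRead = 0x00020000, EveryoneWrite = 0x00040000,
  UserSearch     = 0x01000000, UserRead     = 0x02000000, UserWrite     = 0x04000000,
}

-- The decimal spellings quoted in the message are the same numbers.
assert(ACLS.EveryoneSearch == 65536)
assert(ACLS.EveryoneRead == 131072)
assert(ACLS.EveryoneWrite == 262144)

local CLASSES = { "Owner", "Group", "Everyone", "User" }
local RIGHTS = { "Search", "Read", "Write" }

-- Turn an access-rights bitmask into one "Class: rights" line per class.
-- Bits that are not in ACLS are reported instead of being silently dropped.
local function acls_to_lines(mask)  -- hypothetical helper name
  local lines, known = {}, 0
  for _, class in ipairs(CLASSES) do
    local granted = {}
    for _, right in ipairs(RIGHTS) do
      local flag = ACLS[class .. right]
      known = known | flag
      if (mask & flag) ~= 0 then
        granted[#granted + 1] = right
      end
    end
    local text = #granted > 0 and table.concat(granted, ",") or "(none)"
    lines[#lines + 1] = class .. ": " .. text
  end
  local unknown = mask & ~known
  if unknown ~= 0 then
    lines[#lines + 1] = string.format("Unrecognized bits: 0x%08x", unknown)
  end
  return lines
end

-- Constructed sample masks, not values captured from a server.
for _, mask in ipairs({ 0x03030307, 0x80000007 }) do
  print(string.format("mask 0x%08x", mask))
  for _, line in ipairs(acls_to_lines(mask)) do
    print("  " .. line)
  end
end
```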