Re: inputfile, script arguments and smb authentication

[Ron <ron () skullsecurity net>]

On Thu, 29 Apr 2010 10:03:47 +0800 Andrew Smith
<eurodrew555 () yahoo com au> wrote:
> I have taken a quick look within smb.lua and it appears the 
> authentication fallback of smbuser/guest/NULL is hardcoded - does
> anyone know if it's possible to force a NULL session without
> attempting the guest login? Just trying to look at ways to try to
> discover host info without setting of the host IDS. I would also
> prefer not to modify any of the scripts unless it can be pushed into
> the next nmap release.

There's no way to do it currently. I originally made 'guest' a special option that was off by default, but eventually 
decided that there was no reason anybody would want to *not* use guest -- you finally gave me a reason.

I've attached a patch that adds an argument called 'smbnoguest'. Add --script-args=smbnoguest=1 to your scan and you 
should be good to go. 

Let me know if it works -- if it does, I'll commit it to the main svn. 

Thanks for the feedback!

-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86

Attachment: smbnoguest.diff
Description:

Attachment: _bin
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/