Re: inputfile, script arguments and smb authentication

[Andrew Smith <eurodrew555 () yahoo com au>]

On 29/04/10 11:00, Ron wrote:
> On Thu, 29 Apr 2010 10:03:47 +0800 Andrew Smith
> <eurodrew555 () yahoo com au>  wrote:
>    
> > I have taken a quick look within smb.lua and it appears the
> > authentication fallback of smbuser/guest/NULL is hardcoded - does
> > anyone know if it's possible to force a NULL session without
> > attempting the guest login? Just trying to look at ways to try to
> > discover host info without setting of the host IDS. I would also
> > prefer not to modify any of the scripts unless it can be pushed into
> > the next nmap release.
> >      
> There's no way to do it currently. I originally made 'guest' a special option that was off by default, but eventually 
> decided that there was no reason anybody would want to *not* use guest -- you finally gave me a reason.
>
> I've attached a patch that adds an argument called 'smbnoguest'. Add --script-args=smbnoguest=1 to your scan and you 
> should be good to go.
>
> Let me know if it works -- if it does, I'll commit it to the main svn.
>
> Thanks for the feedback!
>
>    
Hi Ron,

I've applied your patch it works perfectly - with smbnoguest=1 there is 
only an ANONYMOUS LOGON event whereas without it there is a Logon Failure.
I still get my smb-os-discovery results using NULL so all good and no 
IDS alerts!

Many thanks,
Andrew





Send instant messages to your online friends http://au.messenger.yahoo.com 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/