Nmap Development mailing list archives
My TODO list for smb/msrpc scripts
From: Ron <ron () skullsecurity net>
Date: Sat, 8 May 2010 16:07:48 -0500
Hey all,

Since there's a GSoC student who's planning on looking at the SMB/MSRPC code (good luck! You'll need it ;) ), I thought I'd share my personal TODO list, since I haven't touched the SMB/MSRPC stuff for awhile (aside from bugfixes). I'm sure there are plenty of other things to do, but this is what I wrote down:

o Script: Windows system logs (like sysinternals' psloglist)
o Script: Services (like psservice)
o Look into combining similar scripts, especially the 'get info' stuff
o Look into writing a new interface to the SMB/MSRPC libraries that would be based on information type, rather than actual remote functions. Things like get_users(), get_shares(), etc. I've already started this a little at the bottom of smb.lua and msrpc.lua, but I'd move it to its own thing.
  -> During or after this change, I'd look at finding a way to share the same SMB session through a script (or even multiple scripts) rather than logging in/out dozens of times
o Improve domain support all around -- in particular, let the user give the domain in the format DOMAIN\username or username@DOMAIN anywhere that usernames are accepted
o smb-brute.nse -- look at how we can resume after a timeout rather than just dying. Perhaps look at how smb bruteforcing can be combined into ncrack (that's a whole other discussion)
o Look at writing fuzzer scripts, similar to SPIKE
o Add an option to smb-brute.nse to only bruteforce accounts that are detected as admin
o Find a way to stop the ms08-067 check from crashing hosts
o Look at moving to using .idl files instead of manually coding all the msrpc stuff

If I think of more, I'll post them.

Ron

--
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/