Nmap Development mailing list archives

Status report #9 of 15


From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Tue, 29 Jun 2010 04:12:27 +0300


Accomplishments

* Almost finished coding the SMB module. The smb.lua library and
  smb-brute.nse (both written by Ron) have been a great help, acting as a
  guideline for tackling SMB's overall weird behavior.

* Added some crypto functions (NTLM, LM) that were needed for the SMB
  module and might potentially be used for other MS services (like rdp).
  The code was based on Ron's Nbtool.
  (http://www.skullsecurity.org/wiki/index.php/Nbtool)

* Fixed a nasty bug related to the save/resume process.

* Implemented a feature which allows the user to supply a blank password on
  the command line (--pass "") and made relevant modifications so that the
  .restore file, which is saved by Ncrack at the user's home directory for
  future use with the --resume option, can be parsed correctly.

* Ncrack now supports the double -f (-f -f) option. As I had described
  last week, giving the -f option to Ncrack will make it stop cracking a
  service as soon as it finds a valid username/password combination for
  it. With the -f -f option, Ncrack will stop cracking all services and
  quit immediately, as soon as it finds a valid credential for *any* of
  the services.

* Shared some thoughts on SMB cracking with nmap-dev
  (http://seclists.org/nmap-dev/2010/q2/942)


Priorities

* Finish coding the SMB module.
* Discuss user-enumeration possibilities with Fyodor and nmap-dev.
* Make improvements to the SMB module according to Ron's tricks.
* If time allows, start coding the next module (rdp or http form-auth).


Regards,
ithilgore


-- 
http://sock-raw.org
http://twitter.com/ithilgore