[NSE] db2.lua DRDA patches for Informix and Derby

[Patrik Karlsson <patrik () cqure net>]

Hi all,

Like I've mentioned previously [1] the db2 library implements a minimal subset of the DRDA protocol needed to 
authenticate using plain-text passwords.
Today, I made the needed changes to the library in order to support authenticating against:
- IBM DB2
- IBM Informix Dynamic Server
- Apache Derby

In addition I made a few changes in regards to communication and parsing responses.
I've tested the changes against the above 3 database servers running on Windows and Linux and it seems to work well.
Apache Derby does not provide any authentication per default so all usernames and passwords will come up as successful.
The following presentation includes details on how to enabled authentication in Derby [2]

The attached patch contains the changes needed in order to get this working and with the patches in [1] the db2-brute 
scripts should work against all three DBs.
I'm also attaching a revised patch against nmap-service-probes, the only change is that I've added the port 1527 which 
is the default for Apache Derby.

//Patrik

[1] http://seclists.org/nmap-dev/2010/q3/158
[2] http://db.apache.org/derby/binaries/jta-WE15.pdf

Attachment: db2.lua.patch
Description:

Attachment: nmap-service-probes-drda.patch
Description:

--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77





_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/