Nmap Development mailing list archives
Re: Bug in mssql.lua library released in nmap-5.35DC1
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 15 Oct 2010 21:53:29 +0200
Hi Sergey, Thanks for you bug report! I've made the change you proposed and fixed a few other bugs. I've commited the fix as r20627. //Patrik On 15 okt 2010, at 13.30, serge wrote:
Hello! There's an ambiguity in an algorithm of LoginPacket.TDS7CryptPass function of mssql.lua library released in nmap-5.35DC1: - "s" packing of any negative short number at string 621of mssql.lua will always result '80 00' at my debian linux (x86) - the same packing at windows xp (x86) works properly. To avoid this strange behaviour I have change "s" packing to "S" packing at string 621 of mssql.lua (see attached file) and function will work correctly at both linux and windows (x86). May be it would be true to eliminate this ambiguity in bin.pack implementation of next commit of Nmap sources. -- Best wishes, Sergey. <mssql.lua>_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
-- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bug in mssql.lua library released in nmap-5.35DC1 serge (Oct 15)
- Re: Bug in mssql.lua library released in nmap-5.35DC1 Patrik Karlsson (Oct 15)