Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] NCP library, ncp-serverinfo and ncp-enum-users

From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 29 Apr 2011 22:35:25 +0200
I'm attaching a NCP library together with two scripts that make use of it.
The first script ncp-serverinfo collects information from the NCP service using a number of different NCP functions.
The end result looking something like this:

| ncp-serverinfo: 
|   Server name: LINUX-L84T
|   Tree Name: CQURE-LABTREE
|   OS Version: 5.70 (rev 7)
|   Product version: 6.50 (rev 7)
|   OS Language ID: 4
|   Addresses
|     192.168.56.33 524/udp
|     192.168.56.33 524/tcp
|   Mounts
|     SYS
|     ADMIN
|_    _ADMIN

The other script ncp-enum-users attempt to enumerate all user objects from the NCP service.
The following output illustrates the result returned from this script:
| ncp-enum-users: 
|   CN=admin.O=cqure
|   CN=cawi.OU=finance.O=cqure
|   CN=linux-l84tadmin.O=cqure
|   CN=nist.OU=hr.O=cqure
|   CN=novlxregd.O=cqure
|   CN=novlxsrvd.O=cqure
|   CN=OESCommonProxy_linux-l84t.O=cqure
|   CN=sasi.OU=hr.O=cqure
|_  CN=wwwrun.O=cqure


The scripts have undergone limited testing against Suse Open Enterprise Server SP3.
Given the fact that documentation is scarce and Wireshark decoding is limited I would appreciate if people with access 
to eDirectory would try the scripts out.
You can try the scripts by running:
nmap -p 524 192.168.56.33 --script ncp-enum-users
nmap -p 524 192.168.56.33 --script ncp-serverinfo

Thanks,
Patrik

Attachment: ncp.lua
Description:

Attachment: ncp-enum-users.nse
Description:

Attachment: ncp-serverinfo.nse
Description: 


--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: