[NSE] smb-vuln-ms10-054

[Aleksandar Nikolic <nikolic.alek () gmail com>]

Hi all,

another script from ScriptIdeas Solid candidates list done.

I've written the script for ms10-054 vulnerability.
Unfortunately, I have found no way of accurately detecting the
vulnerability without triggering the BSOD, so this script falls into
dos category.
It also has a safety switch in a form of a "unsafe" script arg which
needs to be
set in order to run it. I didn't want someone to run this by accident
and end up
with bunch of blue screens.

The scrip is here for your review and as always, if you have comments and ideas
do share.

Also , you will need this patch to smb.lua as i needed
smb_encode_header in the script:

--- nselib/smb.lua      (revision 29274)
+++ nselib/smb.lua      (revision 29275)
@@ -628,7 +628,7 @@
 --@param command The command to use.
 --@param overrides The overrides table. Keep in mind that overriding
things like flags is generally a very bad idea, unless you know what
you're doing.
 --@return A binary string containing the packed packet header.
-local function smb_encode_header(smb, command, overrides)
+function smb_encode_header(smb, command, overrides)
        -- Make sure we have an overrides array
        overrides = overrides or {}

Aleksandar

Attachment: smb-vuln-ms10-054.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/