Nmap Development mailing list archives

Re: passing a domain to mssql scripts


From: Paulino Calderon <paulino () calderonpale com>
Date: Mon, 4 Feb 2019 14:26:26 -0500

Hey,

Those are the correct arguments and this looks like a bug. I checked the error line and it seems you are not using the latest version. Can you reproduce this with the latest version?

If the error still happens, can you share the output using -d2?

Thanks.

Paulino Calderon Pale || @calderpwn on Twitter || http://www.calderonpale.com



On Jan 31, 2019, at 18:33, Robin Wood <robin@digi.ninja> wrote:

Hi
How do I pass domain creds to an mssql script? I tried
mssql.domain=xxx but that gave an error about openssl.encrypt:

nmap -p 1433 --script ms-sql-config  -oA xxx -empty --script-args
mssql.username=qqq,mssql.password=xxx,mssql.domain=abc -d abc

NSE: Starting ms-sql-config against abc (1.2.3.2:1433).
NSE: [ms-sql-config 1.2.3.2:1433] brandedVersion: 2005, #lookup: 5
NSE: [ms-sql-config 1.2.3.2:1433] brandedVersion: nil, #lookup: 0
NSE: [ms-sql-config 1.2.3.2:1433] LM Password: 593837254b5534534052
NSE: ms-sql-config against xxxl (1.2.3.2:1433) threw an error!
/usr/bin/../share/nmap/nselib/smbauth.lua:442: bad argument #4 to
'encrypt' (string expected, got table)
stack traceback:
       [C]: in function 'openssl.encrypt'
       /usr/bin/../share/nmap/nselib/smbauth.lua:442: in function
'smbauth.lm_create_response'
       /usr/bin/../share/nmap/nselib/smbauth.lua:693: in function
'smbauth.get_password_response'
       /usr/bin/../share/nmap/nselib/mssql.lua:3164: in field 'NtlmResponse'
       /usr/bin/../share/nmap/nselib/mssql.lua:1947: in method 'ToString'
       /usr/bin/../share/nmap/nselib/mssql.lua:2747: in function
</usr/bin/../share/nmap/nselib/mssql.lua:2699>
       (...tail calls...)
       /usr/bin/../share/nmap/scripts/ms-sql-config.nse:112: in
upvalue 'process_instance'
       /usr/bin/../share/nmap/scripts/ms-sql-config.nse:149: in
function </usr/bin/../share/nmap/scripts/ms-sql-config.nse:141>
       (...tail calls...)

Robin
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
