Hi,
a few new features have been added to the NSE in the last few days.
They are in the svn version, please test them and comment.
* the binlib, see [1]
* the hashlib, see below
* the SNMP library, see [2]
* the base64 library, see below
* the POP3 library
_hashlib_
Four functions have been added to NSE:
* hash.md5(data)
* hash.sha1(data)
* hash.md5bin(data)
* hash.sha1bin(data)
The first two provide the digest as a hex string, the bin-versions
return the raw data.
It's independent of openssl being present.
_Base 64 library_
Is located in base64.lua and features two functions:
* base64.enc(data) encodes a given string,
* base64.dec(b64data) decodes it
_POP3 library_
The capabilities function was already presented in [3].
The library now features functions for several login methods:
* login_user (...)
* login_apop (...)
* login_sasl_plain (...)
* login_sasl_login (...)
* login_sasl_crammd5 (...)
Each function takes three arguments, for example
login_user(socket, user, pw), except login_apop which
takes a fourth containing the server challenge necessary
for APOP authentication. They expect to be called at the
beginning of a POP3 session , right after the server greeting.
They return a boolean for success notification and an
error code (see err table in pop3.lua).
brutePOP3.nse demonstrates an example usage.
_Scripts_
Other newly added scripts include a modified version of
Thomas Buchanan's SNMPsysdesr.nse using the SNMP
library and SNMPcommunitybrute.nse trying to guess
the community string.
[1] http://nmap.org/book/nse-library.html#nse-binlib
[2] http://seclists.org/nmap-dev/2008/q3/0032.html
[3] http://seclists.org/nmap-dev/2008/q2/0787.html
cheers,
Philip
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Aug 03 2008
Intro
