Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Patch for duplicate in smb.lua's default shares list
From: Ron <ron () skullsecurity net>
Date: Thu, 3 Feb 2011 15:31:09 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sure, the link of shares we used were just things we thought of - there's no statistics to support the shares we chose 
being the "best". 

On Thu, 3 Feb 2011 15:24:34 -0600 Chris Woodbury <chris3e3 () gmail com> wrote:
You probably had a good reason, which we'll probably find out about
once the list gets a "SMB default share scanning causes XYZ problem"
email ;-)

On a serious note, at the suggestion of one of my colleagues, can we
also add "TEMP" and "SHARE" (in addition to the existing "SHARED") to
the list?

-chris

On Thu, Feb 3, 2011 at 11:14 AM, Ron <ron () skullsecurity net> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 31 Jan 2011 15:34:37 -0600 Chris Woodbury
<chris3e3 () gmail com> wrote:
The default list of shares to look for (line 2783) has "BACKUP"
listed twice. I've attached a patch[1] with the duplicate removed
and the share names listed alphabetically to make this easier to
avoid in the future.

While I was looking at the functionality, I wondered whether it
would be worthwhile to check for most of those share names as
hidden shares (i.e. with a trailing '$') as well. I've attached
another patch[2] that takes the list of shares from [1] (with
hidden shares removed), adds the alphabet shares, and then goes
through the list, adding a hidden share for each.

[1] smb_sharenames1.patch
[2] smb_sharenames2.patch
I think it's a good idea, trying everything as hidden. Honestly, I
forget why I didn't do that in the first place.

Ron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)

iEYEARECAAYFAk1K4ngACgkQ2t2zxlt4g/SayACeLnE8u6UwMSEtJ1UDaqo7ohR9
ohkAoNMMnYiVeDlGSIanyudwALeBvmn2
=vJJ6
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAk1LHp0ACgkQ2t2zxlt4g/S2+QCfbEim72bE6PDjZ4/bTqTlvStm
8IwAoLDVKLBIdobW6KfXdMmkXQQoSf4P
=Gxf7
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]