Home page logo
/

nmap-dev logo Nmap Development mailing list archives

[NSE] Named pipe library
From: Chris Woodbury <chris3e3 () gmail com>
Date: Fri, 11 Feb 2011 00:07:48 -0600

In the process of adding named-pipe support to the SQL Server scripts,
I created an NSE library for named pipes[1]. The primary component is
a "named_pipe" class, which is modeled after a socket (i.e. connect(),
disconnect(), send(), receive() ), and it is essentially a wrapper
around calls to the SMB library, with some state and logic to make
things easier. Its main features (aside from its existence) are some
pipe-specific error handling and automatic reassembly of multi-packet
messages. In the course of writing it, I added [2] a few bits of
functionality to smb.lua to support named pipes, including a bugfix
for the handling of the NT_STATUS_BUFFER_OVERFLOW, which, despite its
scary name, means that there's another packet coming to complete the
message. While I'm at it, I have another patch [3] for smb.lua, which
just adds a bit more detail to a few debug messages.

-chris

[1] namedpipes.lua - I'm not sure if this is better kept separate, or
merged into an existing library.
[2] smb_pipe_support.patch
[3] smb_debug.patch

Attachment: namedpipes.lua
Description:

Attachment: smb_debug.patch
Description:

Attachment: smb_pipe_support.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]