Re: [NSE] New script smb-mbenum
From: Ron <ron () skullsecurity net>
Date: Thu, 16 Jun 2011 18:03:39 -0500
Weird.. I wrote this once in a hotel room at a conference, at the request of somebody (I don't even remember who!). I have no idea what happened to it, and why I never submitted it.

Thanks for doing it! :)
On Tue, 14 Jun 2011 23:36:17 +0200 Patrik Karlsson <patrik () cqure net> wrote:
I've been working on "porting" my popular mbenum tool to Nmap.
MBenum queries the master browser for a list of servers using the
NetServerEnum2 function. In addition to a list of every server name
in the domain the master browser keeps track of versions and services
running on each server. I therefore think it's a great source of
information when mapping internal networks.

Implementing it in Nmap wasn't as difficult as I had initially
thought but involved making a few changes to the call_lanmanapi
function in msrpc.lua. The change involved changing the function
arguments and factoring out some of the code to a new function called
rap_netserverenum2. The change is based on the documentation in
[MS-RAP].pdf provided by Microsoft and as far as I can tell no other
script or library was using the function.

Anyway, I'm attaching the script and the patch that makes the
necessary changes to msrpc.lua.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
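
An added example, not part of this thread or of Nmap's msrpc.lua: a Python decoder for the level-1 NetServerEnum2 response the quoted message describes, turning each 26-byte server entry into a name, version and list of advertised services for inventory review. The names `parse_netserverenum2` and `sample` are hypothetical, the sample bytes are constructed, and only a subset of the server-type flags is listed.

```python
import struct

# Subset of SV_TYPE_* flags from the server-type bitmask (MS-RAP / lmserver.h).
SV_TYPES = {
    0x00000001: "Workstation",
    0x00000002: "Server",
    0x00000004: "SQL Server",
    0x00000008: "Domain Controller",
    0x00000010: "Backup Domain Controller",
    0x00000020: "Time Source",
    0x00000200: "Print Server",
    0x00001000: "NT Workstation",
    0x00008000: "NT Server",
    0x00040000: "Master Browser",
}
ENTRY = struct.Struct("<16sBBIHH")  # name, major, minor, type, comment offset low/high


def parse_netserverenum2(params: bytes, data: bytes) -> list:
    """Decode level-1 NetServerEnum2 response parameters and data."""
    if len(params) < 8:
        raise ValueError("short RAP parameter block")
    status, converter, returned, _available = struct.unpack_from("<HHHH", params)
    if status not in (0, 234):  # 234 = ERROR_MORE_DATA, entries still valid
        raise ValueError(f"RAP error {status}")
    if returned * ENTRY.size > len(data):
        raise ValueError("entry count exceeds data block")
    servers = []
    for i in range(returned):
        name, major, minor, stype, off_lo, _hi = ENTRY.unpack_from(data, i * ENTRY.size)
        off = off_lo - converter  # converter is subtracted from the comment offset
        comment = b""
        if off_lo and ENTRY.size * returned <= off < len(data):  # reject offsets outside the string area
            comment = data[off:].split(b"\0", 1)[0]
        servers.append({
            "name": name.split(b"\0", 1)[0].decode("ascii", "replace"),
            "version": f"{major}.{minor}",
            "services": [v for k, v in sorted(SV_TYPES.items()) if stype & k],
            "comment": comment.decode("ascii", "replace"),
        })
    return servers


def sample():
    """Constructed response: two hosts, converter value 0."""
    strings = b"File server\0"
    e1 = ENTRY.pack(b"FS01", 5, 2, 0x00009003, 52, 0)
    e2 = ENTRY.pack(b"DC01", 6, 1, 0x0004802B, 0, 0)
    return struct.pack("<HHHH", 0, 0, 2, 2), e1 + e2 + strings
```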