Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] NCP library, ncp-serverinfo and ncp-enum-users
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 22 May 2011 16:51:21 +0200

On Apr 29, 2011, at 10:35 PM, Patrik Karlsson wrote:

I'm attaching a NCP library together with two scripts that make use of it.
The first script ncp-serverinfo collects information from the NCP service using a number of different NCP functions.
The end result looking something like this:

| ncp-serverinfo: 
|   Server name: LINUX-L84T
|   Tree Name: CQURE-LABTREE
|   OS Version: 5.70 (rev 7)
|   Product version: 6.50 (rev 7)
|   OS Language ID: 4
|   Addresses
| 524/udp
| 524/tcp
|   Mounts
|     SYS
|     ADMIN
|_    _ADMIN

The other script ncp-enum-users attempt to enumerate all user objects from the NCP service.
The following output illustrates the result returned from this script:
| ncp-enum-users: 
|   CN=admin.O=cqure
|   CN=cawi.OU=finance.O=cqure
|   CN=linux-l84tadmin.O=cqure
|   CN=nist.OU=hr.O=cqure
|   CN=novlxregd.O=cqure
|   CN=novlxsrvd.O=cqure
|   CN=OESCommonProxy_linux-l84t.O=cqure
|   CN=sasi.OU=hr.O=cqure
|_  CN=wwwrun.O=cqure

The scripts have undergone limited testing against Suse Open Enterprise Server SP3.
Given the fact that documentation is scarce and Wireshark decoding is limited I would appreciate if people with 
access to eDirectory would try the scripts out.
You can try the scripts by running:
nmap -p 524 --script ncp-enum-users
nmap -p 524 --script ncp-serverinfo


Patrik Karlsson

Anyone objecting to me committing these scripts?

Patrik Karlsson

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]