Home page logo
/

nmap-dev logo Nmap Development mailing list archives

[NSE] New script smb-mbenum
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 14 Jun 2011 23:36:17 +0200

Hi all,

I've been working on "porting" my popular mbenum tool to Nmap.
MBenum queries the master browser for a list of servers using the NetServerEnum2 function.
In addition to a list of every server name in the domain the master browser keeps track of versions and services 
running on each server.
I therefore think its a great source of information when mapping internal networks.

Implementing it in Nmap wasn't as difficult as I had initially thought but involved making a few changes to the 
call_lanmanapi function in msrpc.lua.
The change involved changing the function arguments and factoring out some of the code to a new function called 
rap_netserverenum2.
The change is based on the documentation in [MS-RAP].pdf provided by Microsoft and as far as I can tell no other script 
or library were using the function.

Anyway, I'm attaching the script and the patch that makes the necessary changes to msrpc.lua.

Cheers,
Patrik

Attachment: msrpc-netserverenum2.patch
Description:

Attachment: smb-mbenum.nse
Description:



--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]