Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: smb scripts against Windows 7?
From: Patrik Karlsson <patrik () cqure net>
Date: Wed, 6 Jun 2012 23:44:59 +0200

On Wed, Jun 6, 2012 at 12:00 PM, Patrik Karlsson <patrik () cqure net> wrote:

On Wed, Jun 6, 2012 at 3:46 AM, David Fifield <david () bamsoftware com>wrote:

I've tried running the smb scripts against Windows 7 SP1, with
disappointing results. I have a share set up, and I'm providing a user
name and password. I can mount the share from Linux as a cifs mount.

Interestingly I see a bunch of users in the debug output, but not in the
script output. Is this a problem with a new authentication method?

Yes it is and it also applies to Windows 2008. I've started looking in to

Patrik Karlsson

This patch seems to fix authentication for Windows 7 and 2008 for me.
Wireshark still reports that somethings broken with the authentication
packet, but for the moment it works.
With this working a number of other bugs in scripts have started to appear.
Like eg. the smb-enum-shares finds all shares, but then does a bunch of
anonymous requests, which are no longer supported per default and fails.

There also seems to be some problem with reassembly of some smb packets
being fragmented that I saw on one of my test boxes.
I would like to commit this patch so that we can start working on
addressing the other problems.
Before I do that though, I would appreciate some testing, as this touches
on some central code used by all smb scripts.

The following tests are useful:
- SMB scripts that used to work against a system, should still work
(Windows 2000, 2003, XP ...)
- smb-enum-groups, smb-enum-domains and smb-enum-sessions should now also
work against Windows 2008 and Windows 7

Patrik Karlsson

Attachment: smb-auth-win2008.diff

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]