Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: nmap smb-brute questions

From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Tue, 17 Sep 2013 11:17:14 +0200
On 2013-09-16 ToddAndMargo wrote:

When I look at my /etc/services, I get the following smb
services:

      netbios-ns      137/tcp  # NETBIOS Name Service
      netbios-ns      137/udp
      netbios-dgm     138/tcp  # NETBIOS Datagram Service
      netbios-dgm     138/udp
      netbios-ssn     139/tcp  # NETBIOS session service
      netbios-ssn     139/udp
      microsoft-ds    445/tcp
      microsoft-ds    445/udp

Question 1):  Why is the example only checking UDP:137,
and TCP:139?  Ports 137,138,139,445 are all using both
UDP and TCP according to /etc/services.  Is the example
not meant to be a good example?


AFAIK was IANA practice to assign UDP and TCP port number for a service,
regardless of which of the two protocols it actually used. NetBIOS does
not use 137/tcp and 139/udp, so it'd be pointless to scan those ports.

[...]

On the following command, I also get back:
   # nmap --script smb-brute.nse  -p 137,138,139,445 192.168.255.116
   ...
   Host script results:
   | smb-brute:
   |   administrator:<blank> => Valid credentials, account disabled
   |_  guest:<blank> => Valid credentials, account disabled

Question 4): does the "Valid credentials, account disabled" mean
the script could not break in?


Yes.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: