From: tenbatsui@yahoo.com
Date: Wed Mar 14 2007 - 16:56:48 EST
script_description(english:desc["english"]);
summary["english"] = "Logs in with our calling Card";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
script_copyright(english:"Myname");
family["english"] = "Windows";
script_family(english:family["english"]);
# script_dependencies("smb_login.nasl");
script_require_ports(139);
exit(0);
}
include("smb_func.inc");
flag = 0;
if(get_port_state(445))
{
soc = open_sock_tcp(445);
if(soc){
session_init(socket:soc);
ret = smb_negotiate_protocol ();
close(soc);
if(ret){
set_kb_item(name:"Services/cifs", value:445);
set_kb_item(name:"Known/tcp/445", value:"cifs");
security_note(port:445, data:"A CIFS server is running on this port");
set_kb_item(name:"SMB/transport", value:445);
flag = 1;
}
}
}
if(get_port_state(139))
{
soc = open_sock_tcp(139);
if(soc){
session_init (socket:soc);
called_name = netbios_name (orig:string("TESTingSMB", rand()));
calling_name = netbios_name (orig:NULL);
data = called_name + raw_byte (b:0) +
calling_name + raw_byte (b:0);
r = netbios_sendrecv (type:0x81, data:data);
close(soc);
if(r && (ord(r[0]) == 0x82 || ord(r[0]) == 0x83)) {
set_kb_item(name:"Services/smb", value:139);
set_kb_item(name:"Known/tcp/139", value:"smb");
security_note(port:139, data:"An SMB server is running on this port");
if(!flag)set_kb_item(name:"SMB/transport", value:139);
}
}
}
#include(nfs_func.inc);
#soc = open_sock_tcp(139);
#if (! soc) exit(0);
#mount(soc:soc, share:C$);
#exit(0);
#include("smb_nt.inc");
#login = ("Company_scanning_your_network");
#pass = ("");
#if(get_kb_item("SMB/any_login"))exit(0);
#set_kb_item("SMB/transport, 139");
#port =("139");
#if(!get_port_state(port))exit(0);
#soc = open_sock_tcp(port);
#if (! soc) exit(0);
#smb_session_request(soc:soc, remote:remote);
#smb_neg_prot(soc:soc, data:USCOURTS_TESTING);
#exit(0);
#
#session_init(socket:soc);
#r = NetUseAdd(login:login, password:pass, domain:NULL, share:"IPC$");
#NetUseDel();
#if ( r == 1 ) exit(1);
#
#soc = open_sock_tcp(port);
#if ( ! soc ) exit(0);
#
#session_init(socket:soc);
#r = NetUseAdd(login:login, password:pass, domain:NULL, share:"C$");
#if ( r == 1 ) security_note(port);
#NetUseDel();
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:40 EDT