authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 07:42:04 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 07:42:04 +0000
commit0d47952611198ef6b1163f366dc03922d20b1475 (patch)
tree3d840a3b8c0daef0754707bfb9f5e873b6b1ac13 /scripts/smb-protocols.nse
parentInitial commit. (diff)
Adding upstream version 7.94+git20230807.3be01efb1+dfsg.upstream/7.94+git20230807.3be01efb1+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--scripts/smb-protocols.nse71
1 files changed, 71 insertions, 0 deletions
diff --git a/scripts/smb-protocols.nse b/scripts/smb-protocols.nse
new file mode 100644
index 0000000..1862d3e
--- /dev/null
+++ b/scripts/smb-protocols.nse
@@ -0,0 +1,71 @@
+local smb = require "smb"
+local stdnse = require "stdnse"
+local nmap = require "nmap"
+
+description = [[
+Attempts to list the supported protocols and dialects of a SMB server.
+
+The script attempts to initiate a connection using the dialects:
+* NT LM 0.12 (SMBv1)
+* 2.0.2 (SMBv2)
+* 2.1 (SMBv2)
+* 3.0 (SMBv3)
+* 3.0.2 (SMBv3)
+* 3.1.1 (SMBv3)
+
+Additionally if SMBv1 is found enabled, it will mark it as insecure. This
+script is the successor to the (removed) smbv2-enabled script.
+]]
+
+---
+-- @usage nmap -p445 --script smb-protocols <target>
+-- @usage nmap -p139 --script smb-protocols <target>
+--
+-- @output
+-- | smb-protocols:
+-- | dialects:
+-- | NT LM 0.12 (SMBv1) [dangerous, but default]
+-- | 2.0.2
+-- | 2.1
+-- | 3.0
+-- | 3.0.2
+-- |_ 3.1.1
+--
+-- @xmloutput
+-- <table key="dialects">
+-- <elem>NT LM 0.12 (SMBv1) [dangerous, but default]</elem>
+-- <elem>2.0.2</elem>
+-- <elem>2.1</elem>
+-- <elem>3.0</elem>
+-- <elem>3.0.2</elem>
+-- <elem>3.1.1</elem>
+-- </table>
+---
+
+author = "Paulino Calderon"
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+categories = {"safe", "discovery"}
+
+hostrule = function(host)
+ return smb.get_port(host) ~= nil
+end
+
+action = function(host,port)
+ local status, supported_dialects = smb.list_dialects(host)
+ if status then
+ for i, v in pairs(supported_dialects) do -- Mark SMBv1 as insecure
+ if v == "NT LM 0.12" then
+ supported_dialects[i] = v .. " (SMBv1) [dangerous, but default]"
+ end
+ end
+ if #supported_dialects > 0 then
+ local output = stdnse.output_table()
+ output.dialects = supported_dialects
+ return output
+ end
+ end
+ stdnse.debug1("No dialects were accepted")
+ if nmap.verbosity()>1 then
+ return "No dialects accepted. Something may be blocking the responses"
+ end
+end
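Review bot: In `action`, a failed `smb.list_dialects` call and a server that accepted no dialects are reported identically. When `status` is false the second return value is dropped, `stdnse.debug1("No dialects were accepted")` is logged either way, and below verbosity 2 the script prints nothing. For anyone using this script to audit SMBv1 exposure, an empty result therefore cannot be read as "SMBv1 disabled", because the host may simply have been unreachable or filtered. Assuming `list_dialects` follows the usual NSE `status, err` convention (its definition is not in this hunk), I would add an `else` branch to `if status then` containing `stdnse.debug1("Dialect listing failed: %s", supported_dialects)`, and keep the existing message for the empty-list case only.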