summaryrefslogtreecommitdiffstats
path: root/scripts/socks-auth-info.nse
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/socks-auth-info.nse')
-rw-r--r--scripts/socks-auth-info.nse65
1 files changed, 65 insertions, 0 deletions
diff --git a/scripts/socks-auth-info.nse b/scripts/socks-auth-info.nse
new file mode 100644
index 0000000..091e6d0
--- /dev/null
+++ b/scripts/socks-auth-info.nse
@@ -0,0 +1,65 @@
+local shortport = require "shortport"
+local socks = require "socks"
+local table = require "table"
+
+description = [[
+Determines the supported authentication mechanisms of a remote SOCKS
+proxy server. Starting with SOCKS version 5 socks servers may support
+authentication. The script checks for the following authentication
+types:
+ 0 - No authentication
+ 1 - GSSAPI
+ 2 - Username and password
+]]
+
+---
+-- @usage
+-- nmap -p 1080 <ip> --script socks-auth-info
+--
+-- @output
+-- PORT STATE SERVICE
+-- 1080/tcp open socks
+-- | socks-auth-info:
+-- | No authentication
+-- |_ Username and password
+--
+-- @xmloutput
+-- <table>
+-- <elem key="method">0</elem>
+-- <elem key="name">No authentication</elem>
+-- </table>
+-- <table>
+-- <elem key="method">2</elem>
+-- <elem key="name">Username and password</elem>
+-- </table>
+
+author = "Patrik Karlsson"
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+categories = {"discovery", "safe", "default"}
+
+portrule = shortport.port_or_service({1080, 9050}, {"socks", "socks5", "tor-socks"})
+
+action = function(host, port)
+
+ local helper = socks.Helper:new(host, port)
+ local auth_methods = {}
+
+ -- iterate over all authentication methods as the server only responds with
+ -- a single supported one if we send a list.
+ local mt = { __tostring = function(t) return t.name end }
+ for _, method in pairs(socks.AuthMethod) do
+ local status, response = helper:connect( method )
+ if ( status ) then
+ local out = {
+ method = response.method,
+ name = helper:authNameByNumber(response.method)
+ }
+ setmetatable(out, mt)
+ table.insert(auth_methods, out)
+ end
+ end
+
+ helper:close()
+ if ( 0 == #auth_methods ) then return end
+ return auth_methods
+end