diff options
Diffstat (limited to 'scripts/socks-auth-info.nse')
-rw-r--r-- | scripts/socks-auth-info.nse | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/scripts/socks-auth-info.nse b/scripts/socks-auth-info.nse new file mode 100644 index 0000000..091e6d0 --- /dev/null +++ b/scripts/socks-auth-info.nse @@ -0,0 +1,65 @@ +local shortport = require "shortport" +local socks = require "socks" +local table = require "table" + +description = [[ +Determines the supported authentication mechanisms of a remote SOCKS +proxy server. Starting with SOCKS version 5 socks servers may support +authentication. The script checks for the following authentication +types: + 0 - No authentication + 1 - GSSAPI + 2 - Username and password +]] + +--- +-- @usage +-- nmap -p 1080 <ip> --script socks-auth-info +-- +-- @output +-- PORT STATE SERVICE +-- 1080/tcp open socks +-- | socks-auth-info: +-- | No authentication +-- |_ Username and password +-- +-- @xmloutput +-- <table> +-- <elem key="method">0</elem> +-- <elem key="name">No authentication</elem> +-- </table> +-- <table> +-- <elem key="method">2</elem> +-- <elem key="name">Username and password</elem> +-- </table> + +author = "Patrik Karlsson" +license = "Same as Nmap--See https://nmap.org/book/man-legal.html" +categories = {"discovery", "safe", "default"} + +portrule = shortport.port_or_service({1080, 9050}, {"socks", "socks5", "tor-socks"}) + +action = function(host, port) + + local helper = socks.Helper:new(host, port) + local auth_methods = {} + + -- iterate over all authentication methods as the server only responds with + -- a single supported one if we send a list. + local mt = { __tostring = function(t) return t.name end } + for _, method in pairs(socks.AuthMethod) do + local status, response = helper:connect( method ) + if ( status ) then + local out = { + method = response.method, + name = helper:authNameByNumber(response.method) + } + setmetatable(out, mt) + table.insert(auth_methods, out) + end + end + + helper:close() + if ( 0 == #auth_methods ) then return end + return auth_methods +end |