From 0d47952611198ef6b1163f366dc03922d20b1475 Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Wed, 17 Apr 2024 09:42:04 +0200
Subject: Adding upstream version 7.94+git20230807.3be01efb1+dfsg.
Signed-off-by: Daniel Baumann
---
scripts/nbns-interfaces.nse | 69 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 69 insertions(+)
create mode 100644 scripts/nbns-interfaces.nse
(limited to 'scripts/nbns-interfaces.nse')
diff --git a/scripts/nbns-interfaces.nse b/scripts/nbns-interfaces.nse
new file mode 100644
index 0000000..5ab6b24
--- /dev/null
+++ b/scripts/nbns-interfaces.nse
@@ -0,0 +1,69 @@
+local shortport = require "shortport"
+local netbios = require "netbios"
+local nmap = require "nmap"
+local stdnse = require "stdnse"
+local string = require "string"
+local table = require "table"
+
+description = [[
+Retrieves IP addresses of the target's network interfaces via NetBIOS NS.
+Additional network interfaces may reveal more information about the target,
+including finding paths to hidden non-routed networks via multihomed systems.
+]]
+
+---
+-- @usage
+-- nmap -sU -p 137 --script nbns-interfaces
+--
+-- @output
+-- PORT STATE SERVICE
+-- 137/udp open netbios-ns
+-- | nbns-interfaces:
+-- | hostname: NOTEBOOK-NB3
+-- | interfaces:
+-- | 10.5.4.89
+-- | 192.168.56.1
+-- |_ 172.24.80.1
+-- MAC Address: 9C:7B:EF:AA:BB:CC (Hewlett Packard)
+--
+-- @xmloutput
+-- NOTEBOOK-NB3
+--
+-- 10.5.4.89
+-- 192.168.56.1
+-- 172.24.80.1
+--
+---
+
+author = {"Andrey Zhukov from USSC"}
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+
+categories = {"default", "discovery", "safe"}
+
+portrule = nmap.address_family() == 'inet' -- NBNS is IPv4 only
+ and shortport.portnumber(137, "udp")
+ or function () return false end
+
+get_ip = function (buf)
+ return table.concat({buf:byte(1, 4)}, ".")
+end
+
+action = function (host)
+ local output = stdnse.output_table()
+ local status, server_name = netbios.get_server_name(host)
+ if not (status and server_name) then
+ return stdnse.format_output(false, "Failed to get NetBIOS server name of the target")
+ end
+ local status, result = netbios.nbquery(host, server_name)
+ if not status then
+ return stdnse.format_output(false, "Failed to get remote network interfaces")
+ end
+ output.hostname = server_name
+ output.interfaces = {}
+ for _, v in ipairs(result) do
+ for i=1, #v.data, 6 do
+ output.interfaces[#output.interfaces + 1] = get_ip(v.data:sub(i+2, i+2+3))
+ end
+ end
+ return output
+end
-- cgit v1.2.3
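Review bot: The inner loop in `action` trusts the length of `v.data`, which presumably carries the record data of the remote host's NBNS reply (`netbios.nbquery` is not visible here). When that length is not a multiple of 6, the last iteration hands `get_ip` a short or empty slice and the script reports a partial address such as `10.5` or an empty string. Bounding the loop to whole entries, `for i=1, #v.data - 5, 6 do`, skips a truncated trailing entry instead of printing it. The entry layout is only implied by the `i+2` offset, so a comment above the loop such as `-- each entry: 2 flag bytes followed by a 4-byte IPv4 address` would make the stride of 6 checkable. `get_ip` is also assigned as a global; `local function get_ip(buf)` would keep it private to the script.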