1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
local nmap = require "nmap"
local smb = require "smb"
local string = require "string"
local stdnse = require "stdnse"
description = [[
Checks whether or not a server is running the SMBv2 protocol.
]]
---
--@usage
-- nmap --script smbv2-enabled.nse -p445 <host>
-- sudo nmap -sU -sS --script smbv2-enabled.nse -p U:137,T:139 <host>
--
--@output
-- Host script results:
-- |_ smb-v2-enabled: Server supports SMBv2 protocol
--
-- Host script results:
-- |_ smb-v2-enabled: Server doesn't support SMBv2 protocol
--
-- @xmloutput
-- false
author = "Ron Bowes"
copyright = "Ron Bowes"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"default", "safe"}
hostrule = function(host)
return smb.get_port(host) ~= nil
end
local function go(host)
local status, smbstate, result
local dialects = { "NT LM 0.12", "SMB 2.002", "SMB 2.???" }
local overrides = {dialects=dialects}
status, smbstate = smb.start(host)
if(not(status)) then
return false, "Couldn't start SMB session: " .. smbstate
end
status, result = smb.negotiate_protocol(smbstate, overrides)
if(not(status)) then
if(string.find(result, "SMBv2")) then
return true, "Server supports SMBv2 protocol", true
end
return false, "Couldn't negotiate protocol: " .. result
end
return true, "Server doesn't support SMBv2 protocol", false
end
action = function(host)
local status, result, flag = go(host)
if(not(status)) then
return stdnse.format_output(false, result)
end
return flag, result
end
|
