RE: [Plugins-writers] user&pass

• Previous message: christian houle: "[Plugins-writers] user&pass"
• In reply to: christian houle: "[Plugins-writers] user&pass"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I slightly modified (in RED) the Main script part of
smb_login_as_users.nasl

Think it will work??? I imagine it will still treat these as domain
accounts because I did not change the domain option correct??? 


#----------------------------------------------------------------#
# 			  main()                                 #
#----------------------------------------------------------------#



name = kb_smb_name();
if(!name)exit(0);

if(!get_port_state(port))exit(0);

dom = kb_smb_domain();

finished = 0;
count = 1;
vuln = "";

okcount = 1;
login = kb_smb_login();
pass  = kb_smb_password();

set_kb_item(name:string("SMB/ValidUsers/0/Login"), value:login);
set_kb_item(name:string("SMB/ValidUsers/0/Password"), value:pass);

current = "SMB/LocalUsers";


while(!finished)
{
 login = string(get_kb_item(string(current, count)));
 if(!login){
  	count = 0;
	finished = 1;
	  }
 else
 {
  if(log_in(login:login, pass:"", domain:dom))
  {
   vuln = vuln + string(". User '", login, "' has NO password !\n");
   a = string("SMB/ValidUsers/", okcount, "/Login");
   b = string("SMB/ValidUsers/", okcount, "/Password");
   set_kb_item(name:a, value:login);
   set_kb_item(name:b, value:"");
   okcount = okcount + 1;
  }
  else if(log_in(login:login, pass:login, domain:dom))
  {
   vuln = vuln + string(". The password of '", login, "' is '", login,
"' !\n");
   a = string("SMB/ValidUsers/", okcount, "/Login");
   b = string("SMB/ValidUsers/", okcount, "/Password");
   set_kb_item(name:a, value:login);
   set_kb_item(name:b, value:login);
   okcount = okcount + 1;
  }
 }
 count = count + 1;
}

if(strlen(vuln))
{
 security_hole(port:port, data:vuln);
}

Regards,
--
Christian Houle
 

-----Original Message-----
From: plugins-writers-bounces@private
[mailto:plugins-writers-bounces@private] On Behalf Of christian
houle
Sent: Tuesday, November 18, 2003 2:51 PM
To: plugins-writers@private
Subject: [Plugins-writers] user&pass

Hello,

is there a way or an existing plugin that permits you to scan local
users of 
a windows system & then try to get access with them (netbios/smb).

ex:

it would grab the list of local users & try the username & password as
the 
same thing to get access.

I understand that there is plugin that grabs the local users accounts.

I dont want to reinvent the wheel ...

_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online  
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers





_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: christian houle: "[Plugins-writers] user&pass"
• In reply to: christian houle: "[Plugins-writers] user&pass"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Nov 20 2003 - 07:38:02 PST