[Plugins-writers] what's wrong with this

• Previous message: Doug Nordwall: "Re: [Plugins-writers] reading specific registry values on remote computers with Domain Admin priveleges"
• Next in thread: Nicolas Pouvesle: "Re: [Plugins-writers] what's wrong with this"
• Reply: Nicolas Pouvesle: "Re: [Plugins-writers] what's wrong with this"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I'm writing up a policy compliance script... all it does is check to see if
the credentials provided can log into the box. They happen to be domain
credentials, and I'm trying to see if the box is on the domain. If not, it
elevates to critical.

 desc["english"] = "
Synopsis :

This machine does not appear to be in the domain provided

Description :

This machine does not appear to be in the domain provided


Risk factor :

None / CVSS Base Score : 0
(AV:L/AC:H/Au:R/C:N/A:N/I:N/B:N)";


if(description)
{
 script_id(30395);
 script_version("$Revision: 1.9 $");
 name["english"] = "Check for domain membership";

 script_name(english:name["english"]);

 script_description(english:desc["english"]);

 summary["english"] = "Checks to see if the machine is in the domain
provided";


 script_summary(english:summary["english"]);

 script_category(ACT_GATHER_INFO);


 script_copyright(english:"This script is borrowed heavily");
 family["english"] = "Policy Compliance";
 script_family(english:family["english"]);
 script_dependencies("netbios_name_get.nasl",
                     "smb_login.nasl");
 script_require_keys("SMB/transport", "SMB/name", "SMB/login",
"SMB/password");
 script_require_ports (139,445);
 exit(0);
}

include ("smb_func.inc");

name    = kb_smb_name();        if(!name)exit(0);
login   = kb_smb_login();
pass    = kb_smb_password();
domain  = kb_smb_domain();
port    = kb_smb_transport();

if ( ! get_port_state(port) ) exit(0);
soc = open_sock_tcp(port);
if ( ! soc ) exit(0);

display("we're in the script and made it to the socket\n");

session_init(socket:soc, hostname:name);
r = NetUseAdd(login:login, password:pass, domain:domain, share:"IPC$");
NetUseDel();
if ( r != 1 )
{
 report += string("\n\n", name, " doesn't appear to be on the domain",
domain);
 report = string (desc["english"], report);
 display("we couldn't login\n");
 security_hole(port:port, data:report);
}

-- 
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if
she laid an asteroid. -- Mark Twain



_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Doug Nordwall: "Re: [Plugins-writers] reading specific registry values on remote computers with Domain Admin priveleges"
• Next in thread: Nicolas Pouvesle: "Re: [Plugins-writers] what's wrong with this"
• Reply: Nicolas Pouvesle: "Re: [Plugins-writers] what's wrong with this"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Thu Oct 19 2006 - 14:24:01 PDT