SMB Vuln Plugin Update
The SMB Vuln plugin now runs all smb-vuln-* scripts in one command, instead of only three scripts in separate commands. This duplicates some of the work done by the regular Nmap SMB scan, but not too much. The manual command only runs the smb-vuln-* scripts that are marked as "dos".
							parent
							
								
									b41ad27548
								
							
						
					
					
						commit
						406f6cba78
					
				|  | @ -11,14 +11,8 @@ class SMBVuln(ServiceScan): | ||||||
| 		self.match_service_name(['^smb', '^microsoft\-ds', '^netbios']) | 		self.match_service_name(['^smb', '^microsoft\-ds', '^netbios']) | ||||||
| 
 | 
 | ||||||
| 	async def run(self, service): | 	async def run(self, service): | ||||||
| 		await service.execute('nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms06-025" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms06-025.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms06-025.xml" {address}') | 		await service.execute('nmap {nmap_extra} -sV -p {port} --script="smb-vuln-*" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_vulnerabilities.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_vulnerabilities.xml" {address}') | ||||||
| 		await service.execute('nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms07-029" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms07-029.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms07-029.xml" {address}') |  | ||||||
| 		await service.execute('nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms08-067" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms08-067.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms08-067.xml" {address}') |  | ||||||
| 
 | 
 | ||||||
| 	def manual(self, service, plugin_was_run): | 	def manual(self, service, plugin_was_run): | ||||||
| 		if not plugin_was_run: # Only suggest these if they weren't run. | 		if not plugin_was_run: # Only suggest these if they weren't run. | ||||||
| 			service.add_manual_commands('Nmap scans for SMB vulnerabilities that could potentially cause a DoS if scanned (according to Nmap). Be careful:', [ | 			service.add_manual_commands('Nmap scans for SMB vulnerabilities that could potentially cause a DoS if scanned (according to Nmap). Be careful:', 'nmap {nmap_extra} -sV -p {port} --script="smb-vuln-* and dos" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_vulnerabilities.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_vulnerabilities.xml" {address}') | ||||||
| 				'nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms06-025" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms06-025.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms06-025.xml" {address}', |  | ||||||
| 				'nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms07-029" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms07-029.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms07-029.xml" {address}', |  | ||||||
| 				'nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms08-067" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms08-067.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms08-067.xml" {address}' |  | ||||||
| 			]) |  | ||||||
|  |  | ||||||
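Review bot: In the new `run()`, `--script="smb-vuln-*"` together with `--script-args="unsafe=1"` makes the automatic scan execute every smb-vuln script the installed Nmap ships, including the `dos`-category ones that `manual()` itself introduces with "Be careful", so an unattended run against a fragile SMB host can knock it over. Unless the plugin is gated by tags or options defined outside this hunk, consider `--script="smb-vuln-* and not dos"` in `run()`, keeping the `dos` subset as a manual suggestion only. If the wildcard stays, a comment above the call such as `# unsafe=1 + wildcard: also runs dos-category scripts; may crash the target` would record that this is deliberate. Separately, `add_manual_commands` now receives a bare string where it previously got a list; its definition is not visible here, so confirm it accepts both forms.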
|  | @ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error, | ||||||
| from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon | from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon | ||||||
| from autorecon.targets import Target, Service | from autorecon.targets import Target, Service | ||||||
| 
 | 
 | ||||||
| VERSION = "2.0.25" | VERSION = "2.0.26" | ||||||
| 
 | 
 | ||||||
| if not os.path.exists(config['config_dir']): | if not os.path.exists(config['config_dir']): | ||||||
| 	shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None) | 	shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None) | ||||||
|  |  | ||||||
|  | @ -1,6 +1,6 @@ | ||||||
| [tool.poetry] | [tool.poetry] | ||||||
| name = "autorecon" | name = "autorecon" | ||||||
| version = "2.0.25" | version = "2.0.26" | ||||||
| description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services." | description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services." | ||||||
| authors = ["Tib3rius"] | authors = ["Tib3rius"] | ||||||
| license = "GNU GPL v3" | license = "GNU GPL v3" | ||||||
|  |  | ||||||