[Openvas-devel] SMB authentication problems...

Chandrashekhar B bchandra at secpod.com
Wed Apr 1 11:44:00 CEST 2009


I tested this patch and it seems to partially work. It works when I try
anonymous SMB login but, says "SMB ERROR: ACCESS DENIED" when I supply
credentials. I think the hash computation logic might not be working
appropriately. 

So, if we include this patch, it'll break the existing Plugins that work
based on credentials. I suggest, we write new functions in smb_nt.inc to
separately call NTLM functions, at least till the time we fix the
credentials based check.

With this patch included, both ms08-067-conficker.nasl and
secpod_ms08-067_900056.nasl work anonymously. 

Thanks,
Chandra. 


-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org
[mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Tim Brown
Sent: Wednesday, April 01, 2009 2:30 AM
To: openvas-devel at wald.intevation.org
Subject: [Openvas-devel] SMB authentication problems...

All,

Attached is a patch which essentially provides a forward port of Nessus's
old 
LM/NTLM et al routines for SMB (with some minor changes to use GNU TLS where

possible).  These were taken from a Nessus 2.0.9 tar ball I had to hand.  
They seem broken but if we merge this patch at least we'll have a starting 
point to fix whatever bugs may exist.  I'll take a further look when I get a

chance but in the meantime if anyone wants to have a play, feel free.

Cheers,
Tim
-- 
Tim Brown
<mailto:timb at nth-dimension.org.uk>
<http://www.nth-dimension.org.uk/>



More information about the Openvas-devel mailing list