[Openvas-devel] SMB authentication problems...

Chandrashekhar B bchandra at secpod.com
Thu Apr 2 07:28:56 CEST 2009


-----Original Message-----
From: Tim Brown [mailto:timb at nth-dimension.org.uk] 
Sent: Thursday, April 02, 2009 5:39 AM
To: Chandrashekhar B
Cc: openvas-devel at wald.intevation.org
Subject: Re: [Openvas-devel] SMB authentication problems...

On Wednesday 01 April 2009 10:44:00 Chandrashekhar B wrote:
>> I tested this patch and it seems to partially work. It works when I try
>> anonymous SMB login but, says "SMB ERROR: ACCESS DENIED" when I supply
>> credentials. I think the hash computation logic might not be working
>> appropriately.
>>
>> So, if we include this patch, it'll break the existing Plugins that work
>> based on credentials. I suggest, we write new functions in smb_nt.inc to
>> separately call NTLM functions, at least till the time we fix the
>> credentials based check.
>>
>> With this patch included, both ms08-067-conficker.nasl and
>> secpod_ms08-067_900056.nasl work anonymously.



> I think SMB is a similar case to SSH where we need the first class 
> protocol support that using a major projects code (Samba I suppose) would 
> give us.  As such I fully support any work in this direction.  (Another 
> possibility would 
> be to port Core's impacket to NASL with NASL functions for any crypto 
> specific elements?)

I would think they can co-exist, Samba/WMI methods for all high level
functionality like access to registry, file, process etc., and for all low
level functionality (SMB, DCERPC) we need an alternative to smb_nt.inc. This
is where I think Impacket could help. If we could fix the current crypto
patch you provided, it'll be very useful for now.

Thanks,
Chandra.





More information about the Openvas-devel mailing list