[Openvas-devel] SMB authentication problems...
bchandra at secpod.com
Thu Apr 2 07:28:56 CEST 2009
From: Tim Brown [mailto:timb at nth-dimension.org.uk]
Sent: Thursday, April 02, 2009 5:39 AM
To: Chandrashekhar B
Cc: openvas-devel at wald.intevation.org
Subject: Re: [Openvas-devel] SMB authentication problems...
On Wednesday 01 April 2009 10:44:00 Chandrashekhar B wrote:
>> I tested this patch and it seems to partially work. It works when I try
>> anonymous SMB login but, says "SMB ERROR: ACCESS DENIED" when I supply
>> credentials. I think the hash computation logic might not be working
>> So, if we include this patch, it'll break the existing Plugins that work
>> based on credentials. I suggest, we write new functions in smb_nt.inc to
>> separately call NTLM functions, at least till the time we fix the
>> credentials based check.
>> With this patch included, both ms08-067-conficker.nasl and
>> secpod_ms08-067_900056.nasl work anonymously.
> I think SMB is a similar case to SSH where we need the first class
> protocol support that using a major projects code (Samba I suppose) would
> give us. As such I fully support any work in this direction. (Another
> possibility would
> be to port Core's impacket to NASL with NASL functions for any crypto
> specific elements?)
I would think they can co-exist, Samba/WMI methods for all high level
functionality like access to registry, file, process etc., and for all low
level functionality (SMB, DCERPC) we need an alternative to smb_nt.inc. This
is where I think Impacket could help. If we could fix the current crypto
patch you provided, it'll be very useful for now.
More information about the Openvas-devel