Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

smb-vuln-ms17-010: handle error when the SMB connection is reset #1254

Closed
wants to merge 1 commit into from

Conversation

@cnotin
Copy link

commented Jun 27, 2018

The HIPS feature of Symantec Endpoint Protection resets the SMB connection when trying to scan for MS17-010.
This was not handled by the code and led to the following wrong message:

Host script results:
|_smb-vuln-ms17-010: Unexpected SMB response:4f525245

We can see that "4f525245" is hex for "ERR". Indeed the return code from smb.smb_read is not checked and the code tries to parse smb_header as a header, whereas in this case it contains an error message.
I copied the code from a few lines above to properly handle the case where the connection is reset.

The result is now:

Host script results:
|_smb-vuln-ms17-010: SMB: ERROR: Server disconnected the connection

Which is hopefully more clear!

@nmap-bot nmap-bot closed this in 6e5e947 Jun 28, 2018

@cnotin cnotin deleted the cnotin:patch-2 branch Feb 6, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.