Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: SMB version detection (issue #2744) #2745

Closed
wants to merge 1 commit into from

Conversation

yammesicka
Copy link

@yammesicka yammesicka commented Nov 15, 2023

- Since nmap version 7.93 the versions of SMB servers are returned in wrong format.
- This commit fixes the root cause by changing `tohex` function.
- `stdnse.tohex` is called from smb2 scripts to generate the name of the version.
- See GH issue nmap#2744 for further details.
Copy link

@nnposter nnposter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code is problematic on several counts:

  • Per documentation, the separator is an arbitrary string, not a single character. The code would have to be significantly redesigned to make it work as expected.
  • The code does not account for the possibility that the separator might be a character with special meaning when used inside Lua patterns.
  • The replacement value is unnecessarily recalculated with every substitution. This should be moved out of the loop, just like pat already is, to avoid performance penalty.

See #2901 for a more comprehensive fix.

@nnposter nnposter self-assigned this Aug 5, 2024
@nmap-bot nmap-bot closed this in c661b0a Aug 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants