Skip to content

fix: SMB version detection (issue #2744)#2745

Closed
yammesicka wants to merge 1 commit intonmap:masterfrom
yammesicka:patch-1
Closed

fix: SMB version detection (issue #2744)#2745
yammesicka wants to merge 1 commit intonmap:masterfrom
yammesicka:patch-1

Conversation

@yammesicka
Copy link

@yammesicka yammesicka commented Nov 15, 2023
edited
Loading

@yammesicka
fix: SMB version detection (issue nmap#2744)
9880287 
- Since nmap version 7.93 the versions of SMB servers are returned in wrong format.
- This commit fixes the root cause by changing `tohex` function.
- `stdnse.tohex` is called from smb2 scripts to generate the name of the version.
- See GH issue nmap#2744 for further details.
nnposter
nnposter reviewed Aug 5, 2024
View reviewed changes
Copy link

@nnposter nnposter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code is problematic on several counts:

  • Per documentation, the separator is an arbitrary string, not a single character. The code would have to be significantly redesigned to make it work as expected.
  • The code does not account for the possibility that the separator might be a character with special meaning when used inside Lua patterns.
  • The replacement value is unnecessarily recalculated with every substitution. This should be moved out of the loop, just like pat already is, to avoid performance penalty.

See #2901 for a more comprehensive fix.

@nnposter nnposter self-assigned this Aug 5, 2024
@nmap-bot nmap-bot closed this in c661b0a Aug 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nnposter nnposter nnposter left review comments

Assignees

@nnposter nnposter

Labels

bug NSE

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@yammesicka @nnposter