
Untitled

a guest
Sep 13th, 2016
  1. -- Chargement des librairies
  2. local msrpc = require 'msrpc'
  3. local smb = require 'smb'
  4. local nmap = require 'nmap'
  5. local stdnse = require 'stdnse'
  6.  
  7. -- Description du module
  8. description = [[
  9. Uploads a file on the remote host and starts it.
  10. ]]
  11.  
  12. -- Informations générales
  13. author = 'Otto'
  14. license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
  15. categories = {"default", "safe"}
  16.  
  17. -- Règle pour l'execution du script
  18. portrule = function(host, port)
  19. return (port.number == 445 or port.number == 139) and port.protocol == "tcp" and port.state == "open"
  20. end
  21.  
  22. action = function(host, port)
  23. -- Récupérer les paramètres
  24. local domain = stdnse.get_script_args(SCRIPT_NAME .. '.domain') or ''
  25. local username = stdnse.get_script_args(SCRIPT_NAME .. '.username') or ''
  26. local password = stdnse.get_script_args(SCRIPT_NAME .. '.password') or ''
  27. local file = stdnse.get_script_args(SCRIPT_NAME .. '.file') or ''
  28. if(file == '') then
  29. nmap.log_write('stderr', 'You must provide a file path')
  30. return -- Sortie
  31. end
  32. -- Upload du fichier;
  33. smb.file_upload(host,file,"ADMIN$",'\\' .. file, smb.get_overrides(username, domain,password))
  34. ----- Creation du service
  35. -- Connection au serveur distant
  36. status, smbstate = smb.start(host)
  37. if (not status) then
  38. nmap.log_write('stderr', 'Connection to remote server failed')
  39. return
  40. end
  41. -- Negotiation du protocole
  42. status, err = smb.negotiate_protocol(smbstate)
  43. if (not status) then
  44. nmap.log_write('stderr', 'Protocol negotiation failed')
  45. return
  46. end
  47. -- Authentification
  48. status, err = smb.start_session(smbstate, smb.get_overrides(username, domain, password))
  49. if (not status) then
  50. nmap.log_write('stderr', string.format('Session negotiation failed: %s', err))
  51. return
  52. end
  53. -- Connection à l'arbre
  54. status, err = smb.tree_connect(smbstate, "IPC$", smb.get_overrides(username, domain, password))
  55. if (not status) then
  56. nmap.log_write('stderr', 'Unable to connect to IPC$ share')
  57. return
  58. end
  59. ---- Création du service
  60. status, service_manager = msrpc.svcctl_openscmanagera(smbstate,host.ip)
  61. if (not status) then
  62. nmap.log_write('stderr', 'Unable to get a handle on the service manager')
  63. return
  64. end
  65. end