Skip to content

fix: SMB version detection (issue #2744) #2745

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
yammesicka wants to merge 1 commit into from
Closed

fix: SMB version detection (issue #2744) #2745

yammesicka wants to merge 1 commit into from

Conversation

@yammesicka
Copy link

@yammesicka yammesicka commented Nov 15, 2023
edited
Loading

@yammesicka
fix: SMB version detection (issue nmap#2744)
9880287 
- Since nmap version 7.93 the versions of SMB servers are returned in wrong format.
- This commit fixes the root cause by changing `tohex` function.
- `stdnse.tohex` is called from smb2 scripts to generate the name of the version.
- See GH issue nmap#2744 for further details.
nnposter
nnposter reviewed Aug 5, 2024
View reviewed changes
Copy link

@nnposter nnposter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code is problematic on several counts:

  • Per documentation, the separator is an arbitrary string, not a single character. The code would have to be significantly redesigned to make it work as expected.
  • The code does not account for the possibility that the separator might be a character with special meaning when used inside Lua patterns.
  • The replacement value is unnecessarily recalculated with every substitution. This should be moved out of the loop, just like pat already is, to avoid performance penalty.

See #2901 for a more comprehensive fix.

@nnposter nnposter self-assigned this Aug 5, 2024
@nmap-bot nmap-bot closed this in c661b0a Aug 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nnposter nnposter nnposter left review comments

Assignees

@nnposter nnposter

Labels

bug NSE

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@yammesicka @nnposter