nbss.rb

spoonfork



Friday, April 28. 2006

nbss.rb

nbss.rb is a NetBIOS shares scanner, well not really, but more of a wrapper for smbclient and nmblookup to search for shares on Windows machines. the scan result is somewhat-nicely formatted in html (sample). it was written in a haste during a recent pen-test assignment a few enhancements would make it better:

  • using threads for faster scans. currently, the IPs are scanned sequentially, scanning a large network (especially when there are non-Windows machines around) take some time. however, i haven't really tested Ruby threads, so...

  • the HTML output needs face lift :-)

  • results of scans are concatenated and printed after all scans are done - reducing memory usage by writing results of each scanned IP will solve this.

  • some of the error messages in the output file need to be supressed.

  • a -u username and -p password arguments for scanning. right now the scans are done as anonymous user.

  • testing whether the shares are readable and writeable using supplied credentials (or anonymous user) - very good for penetration testing


like i say, it was written in a haste, but it works for me. the preferred usage is by feeding nbss.rb with a file containing a list of IPs to scan (IPs of windows machine already scanned using nmap), and then piping the output to a file (nbss.rb ip.txt > result.html). also, you need to have samba and ipadmin installed.

listening to: everything but the girl - each and everyone






Posted by at 22:49 | Comments (3) | Trackbacks (0)
Tag(s):
Related entries by tags:
Migrating from Wordpress to Serendipity
bashing the shell
Gimp.app: Fixing Random Crashes on OS X Leopard
Installing PostgreSQL 8.2.5 on Leopard
Leopard - First Glimpse

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

ruby threads suck atm.
#1 foo jonson on 2006-06-28 05:30 (Reply)
boss, is the stuff downloadable? Couldn't get it somehow
#2 adli (Homepage) on 2006-06-14 11:38 (Reply)
require 'ipaddr'

...

begin
ip = IPAddr.new ARGV.shift
...

rescue ArgumentError
p "Invalid IP"
end
#3 Sey (Homepage) on 2006-05-08 13:41 (Reply)

Add Comment



Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA
 
 

About

This is the personal blog of Mel Mudin (spoonfork). All data and information provided on this site is for informational purposes and on an as-is basis.

This weblog does not represent the thoughts, intentions, plans or strategies of my employers. It is solely my opinion and views as a kambing biri-biri.

Feel free to challenge me, disagree with me, or even tell me that I am a kambing biri-biri wannabee in the comment section of each blog entry.

Quicksearch

Archives

September 2008
August 2008
July 2008
Recent...
Older...

Show tagged entries

Syndicate This Blog