Is there any equivalent Metasploit Script that can generate the following output #16234

flamecopper · 2022-02-27T01:44:40Z

flamecopper
Feb 27, 2022

https://nmap.org/nsedoc/scripts/smb2-security-mode.html
| smb2-security-mode:
| 3.1.1:
|_ Message signing enabled but not required

Answered by bcoles

Feb 27, 2022

The auxiliary/scanner/smb/smb_version module performs some fingerpinting and feature detection. This includes a check for SMB signing. If message signing is disabled the module should output (signatures:optional).

metasploit-framework/modules/auxiliary/scanner/smb/smb_version.rb

Lines 195 to 213 in f3228b4

     if simple.client.peer_require_signing  
   desc << ' (signatures:required)'  
   else  
   desc << ' (signatures:optional)'  
   report_vuln({  
   host: ip,  
   port: rport,  
   proto: 'tcp',  
   name: 'SMB Signing Is Not Required',  
   refs: [  
   SiteReference.new('URL', 'https://support.microsoft.com/en-us/help/161372/how-to-enable-smb-signing-in-windows-nt'),  
   S…

View full answer

bcoles · 2022-02-27T04:59:35Z

bcoles
Feb 27, 2022
Collaborator

The auxiliary/scanner/smb/smb_version module performs some fingerpinting and feature detection. This includes a check for SMB signing. If message signing is disabled the module should output (signatures:optional).

metasploit-framework/modules/auxiliary/scanner/smb/smb_version.rb

Lines 195 to 213 in f3228b4

    
           if simple.client.peer_require_signing 
        
             desc << ' (signatures:required)' 
        
           else 
        
             desc << ' (signatures:optional)' 
        
             report_vuln({ 
        
               host: ip, 
        
               port: rport, 
        
               proto: 'tcp', 
        
               name: 'SMB Signing Is Not Required', 
        
               refs: [ 
        
                 SiteReference.new('URL', 'https://support.microsoft.com/en-us/help/161372/how-to-enable-smb-signing-in-windows-nt'), 
        
                 SiteReference.new('URL', 'https://support.microsoft.com/en-us/help/887429/overview-of-server-message-block-signing'), 
        
               ] 
        
             }) 
        
           end 
        
           desc << " (uptime:#{info[:uptime]})" if info[:uptime] 
        
           desc << " (guid:#{Rex::Text.to_guid(info[:server_guid])})" if info[:server_guid] 
        
           desc << " (authentication domain:#{info[:auth_domain]})" if info[:auth_domain] 
        
           lines << { type: :status, message: desc }

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Is there any equivalent Metasploit Script that can generate the following output #16234

{{title}}

Replies: 1 comment

{{title}}

Select a reply

	if simple.client.peer_require_signing
	desc << ' (signatures:required)'
	else
	desc << ' (signatures:optional)'
	report_vuln({
	host: ip,
	port: rport,
	proto: 'tcp',
	name: 'SMB Signing Is Not Required',
	refs: [
	SiteReference.new('URL', 'https://support.microsoft.com/en-us/help/161372/how-to-enable-smb-signing-in-windows-nt'),
	S…

Is there any equivalent Metasploit Script that can generate the following output #16234

flamecopper Feb 27, 2022

Replies: 1 comment

bcoles Feb 27, 2022 Collaborator

flamecopper
Feb 27, 2022

bcoles
Feb 27, 2022
Collaborator