OXIESEC PANEL
- Current Dir:
/
/
usr
/
share
/
nmap
/
nselib
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
afp.lua
71.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ajp.lua
16.69 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
amqp.lua
10.5 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
anyconnect.lua
4.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
asn1.lua
14.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base32.lua
7.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base64.lua
5.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bin.lua
12.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bit.lua
2.43 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bitcoin.lua
16.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bits.lua
1.82 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bittorrent.lua
40.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bjnp.lua
9.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
brute.lua
50.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cassandra.lua
5.78 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
citrixxml.lua
16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
coap.lua
76.24 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
comm.lua
10.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
creds.lua
18.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cvs.lua
3.13 KB
04/16/2018 01:11:39 AM
rw-r--r--
📁
data
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
datafiles.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
datetime.lua
1.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp.lua
29.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp6.lua
19.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dns.lua
51.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnsbl.lua
19.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnssd.lua
12.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
drda.lua
24.2 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eap.lua
7.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eigrp.lua
14.47 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
formulas.lua
5.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ftp.lua
9.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
geoip.lua
1.71 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
giop.lua
18.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
gps.lua
3.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
http.lua
105.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
httpspider.lua
36.15 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
iax2.lua
9.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ike.lua
15.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
imap.lua
9.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
informix.lua
39.76 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipOps.lua
26.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipmi.lua
10.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipp.lua
12.54 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
irc.lua
757 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
iscsi.lua
21.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
isns.lua
15.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
jdwp.lua
43.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
json.lua
11.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ldap.lua
31.86 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lfs.luadoc
1.68 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2-utility.lua
4.39 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2.luadoc
4.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
listop.lua
4.66 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg-utility.lua
5.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg.luadoc
351 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
ls.lua
10.96 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
match.lua
2.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
membase.lua
9.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mobileme.lua
8.46 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mongodb.lua
21.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mqtt.lua
28.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpc.lua
179.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpcperformance.lua
29.72 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpctypes.lua
167.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mssql.lua
110.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
multicast.lua
6.1 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mysql.lua
17.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
natpmp.lua
5.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ncp.lua
36 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ndmp.lua
11.58 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
netbios.lua
13.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nmap.luadoc
40.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nrpc.lua
4.42 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nsedebug.lua
3.49 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
omp2.lua
4.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
openssl.luadoc
7.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ospf.lua
15.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
packet.lua
36.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pcre.luadoc
6.79 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pgsql.lua
20.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pop3.lua
5.7 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pppoe.lua
29.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
proxy.lua
12.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rdp.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
re.lua
8.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
redis.lua
3.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rmi.lua
47.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpc.lua
106.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpcap.lua
11.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rsync.lua
5.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rtsp.lua
8.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sasl.lua
16.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
shortport.lua
8.01 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sip.lua
30.56 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
slaxml.lua
17.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb.lua
175.85 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb2.lua
16.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smbauth.lua
37.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smtp.lua
19.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
snmp.lua
15.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
socks.lua
8.26 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
srvloc.lua
12.25 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh1.lua
8.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh2.lua
11.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslcert.lua
33.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslv2.lua
9.63 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stdnse.lua
45.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strbuf.lua
4.52 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strict.lua
2.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stun.lua
11.51 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tab.lua
3.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
target.lua
3.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tftp.lua
9.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tls.lua
56.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tn3270.lua
43.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tns.lua
64.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unicode.lua
14.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unittest.lua
12.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unpwdb.lua
10.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
upnp.lua
11.18 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
url.lua
12.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
versant.lua
8.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vnc.lua
23.3 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vulns.lua
76.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vuzedht.lua
16.62 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
wsdd.lua
12.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xdmcp.lua
11.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xmpp.lua
15.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
Editing: iax2.lua
Close
--- -- A minimalistic Asterisk IAX2 (Inter-Asterisk eXchange v2) VoIP protocol implementation. -- The library implements the minimum needed to perform brute force password guessing. -- -- @author Patrik Karlsson <patrik@cqure.net> -- local bin = require "bin" local bit = require "bit" local math = require "math" local nmap = require "nmap" local os = require "os" local stdnse = require "stdnse" local openssl = stdnse.silent_require "openssl" local table = require "table" _ENV = stdnse.module("iax2", stdnse.seeall) IAX2 = { FrameType = { IAX = 6, }, SubClass = { ACK = 0x04, REGACK = 0x0f, REGREJ = 0x10, REGREL = 0x11, CALLTOKEN = 0x28, }, InfoElement = { USERNAME = 0x06, CHALLENGE = 0x0f, MD5_RESULT = 0x10, CALLTOKEN = 0x36, }, PacketType = { FULL = 1, }, -- The IAX2 Header Header = { -- Creates a new Header instance -- @param src_call number containing the source call -- @param dst_call number containing the dest call -- @param timestamp number containing a timestamp -- @param oseqno number containing the seqno of outgoing packets -- @param iseqno number containing the seqno of incoming packets -- @param frametype number containing the frame type -- @param subclass number containing the subclass type new = function(self, src_call, dst_call, timestamp, oseqno, iseqno, frametype, subclass) local o = { type = IAX2.PacketType.FULL, retrans = false, src_call = src_call, dst_call = dst_call, timestamp = timestamp, oseqno = oseqno, iseqno = iseqno, frametype = frametype, subclass = subclass, } setmetatable(o, self) self.__index = self return o end, -- Parses data, a byte string, and creates a new Header instance -- @return header instance of Header parse = function(data) local header = IAX2.Header:new() local pos, frame_type = bin.unpack("C", data) if ( bit.band(frame_type, 0x80) == 0 ) then print("frame_type", stdnse.tohex(frame_type)) stdnse.debug2("Frametype not supported") return end header.type = IAX2.PacketType.FULL pos, header.src_call = bin.unpack(">S", data) header.src_call = bit.band(header.src_call, 0x7FFF) local retrans pos, retrans = bin.unpack("C", data, pos) if ( bit.band(retrans, 0x80) == 8 ) then header.retrans = true end pos, header.dst_call = bin.unpack(">S", data, pos - 1) header.dst_call = bit.band(header.dst_call, 0x7FFF) pos, header.timestamp, header.oseqno, header.iseqno, header.frametype, header.subclass = bin.unpack(">ICCCC", data, pos) return header end, -- Converts the instance to a string -- @return str containing the instance __tostring = function(self) assert(self.src_call < 32767, "Source call exceeds 32767") assert(self.dst_call < 32767, "Dest call exceeds 32767") local src_call = self.src_call local dst_call = self.dst_call if ( self.type == IAX2.PacketType.FULL ) then src_call = src_call + 32768 end if ( self.retrans ) then dst_call = dst_call + 32768 end return bin.pack(">SSICCCC", src_call, dst_call, self.timestamp, self.oseqno, self.iseqno, self.frametype, self.subclass) end, }, -- The IAX2 Request class Request = { -- Creates a new instance -- @param header instance of Header new = function(self, header) local o = { header = header, ies = {} } setmetatable(o, self) self.__index = self return o end, -- Sets an Info Element or adds one, in case it's missing -- @param key the key value of the IE to add -- @param value string containing the value to set or add setIE = function(self, key, value) for _, ie in ipairs(self.ies or {}) do if ( key == ie.type ) then ie.value = value end end table.insert(self.ies, { type = key, value = value } ) end, -- Gets an information element -- @param key number containing the element number to retrieve -- @return ie table containing the info element if it exists getIE = function(self, key) for _, ie in ipairs(self.ies or {}) do if ( key == ie.type ) then return ie end end end, -- Converts the instance to a string -- @return str containing the instance __tostring = function(self) local data = "" for _, ie in ipairs(self.ies) do data = data .. bin.pack("Cp", ie.type, ie.value ) end return tostring(self.header) .. data end, }, -- The IAX2 Response Response = { -- Creates a new instance new = function(self) local o = { ies = {} } setmetatable(o, self) self.__index = self return o end, -- Sets an Info Element or adds one, in case it's missing -- @param key the key value of the IE to add -- @param value string containing the value to set or add setIE = function(self, key, value) for _, ie in ipairs(self.ies or {}) do if ( key == ie.type ) then ie.value = value end end table.insert(self.ies, { type = key, value = value } ) end, -- Gets an information element -- @param key number containing the element number to retrieve -- @return ie table containing the info element if it exists getIE = function(self, key) for _, ie in ipairs(self.ies or {}) do if ( key == ie.type ) then return ie end end end, -- Parses data, a byte string, and creates a response -- @return resp instance of response parse = function(data) local resp = IAX2.Response:new() if ( not(resp) ) then return end resp.header = IAX2.Header.parse(data) if ( not(resp.header) ) then return end local pos = 13 resp.ies = {} repeat local ie = {} pos, ie.type, ie.value = bin.unpack(">Cp", data, pos) table.insert(resp.ies, ie) until( pos > #data ) return resp end, } } Helper = { -- Creates a new Helper instance -- @param host table as received by the action method -- @param port table as received by the action method -- @param options table containing helper options, currently -- <code>timeout</code> socket timeout in ms -- @return o instance of Helper new = function(self, host, port, options) local o = { host = host, port = port, options = options or {} } setmetatable(o, self) self.__index = self return o end, -- Connects the UDP socket to the server -- @return status true on success, false on failure -- @return err message containing error if status is false connect = function(self) self.socket = nmap.new_socket() self.socket:set_timeout(self.options.timeout or 5000) return self.socket:connect(self.host, self.port) end, -- Sends a request to the server and receives the response -- @param req instance containing the request to send to the server -- @return status true on success, false on failure -- @return resp instance of response on success, -- err containing the error message on failure exch = function(self, req) local status, err = self.socket:send(tostring(req)) if ( not(status) ) then return false, "Failed to send request to server" end local status, data = self.socket:receive() if ( not(status) ) then return false, "Failed to receive response from server" end local resp = IAX2.Response.parse(data) return true, resp end, -- Request a session release -- @param username string containing the extension (username) -- @param password string containing the password regRelease = function(self, username, password) local src_call = math.random(32767) local header = IAX2.Header:new(src_call, 0, os.time(), 0, 0, IAX2.FrameType.IAX, IAX2.SubClass.REGREL) local regrel = IAX2.Request:new(header) regrel:setIE(IAX2.InfoElement.USERNAME, username) regrel:setIE(IAX2.InfoElement.CALLTOKEN, "") local status, resp = self:exch(regrel) if ( not(status) ) then return false, resp end if ( not(resp) or IAX2.SubClass.CALLTOKEN ~= resp.header.subclass ) then return false, "Unexpected response" end local token = resp:getIE(IAX2.InfoElement.CALLTOKEN) if ( not(token) ) then return false, "Failed to get token" end regrel:setIE(IAX2.InfoElement.CALLTOKEN, token.value) status, resp = self:exch(regrel) if ( not(status) ) then return false, resp end local challenge = resp:getIE(IAX2.InfoElement.CHALLENGE) if ( not(challenge) ) then return false, "Failed to retrieve challenge from server" end regrel.header.iseqno = 1 regrel.header.oseqno = 1 regrel.header.dst_call = resp.header.src_call regrel.ies = {} local hash = stdnse.tohex(openssl.md5(challenge.value .. password)) regrel:setIE(IAX2.InfoElement.USERNAME, username) regrel:setIE(IAX2.InfoElement.MD5_RESULT, hash) status, resp = self:exch(regrel) if ( not(status) ) then return false, resp end if ( IAX2.SubClass.ACK == resp.header.subclass ) then local data status, data = self.socket:receive() resp = IAX2.Response.parse(data) end if ( status and IAX2.SubClass.REGACK == resp.header.subclass ) then return true end return false, "Release failed" end, -- Close the connection with the server -- @return true on success, false on failure close = function(self) return self.socket:close() end, } return _ENV;