OXIESEC PANEL
- Current Dir:
/
/
usr
/
share
/
nmap
/
nselib
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
afp.lua
71.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ajp.lua
16.69 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
amqp.lua
10.5 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
anyconnect.lua
4.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
asn1.lua
14.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base32.lua
7.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base64.lua
5.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bin.lua
12.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bit.lua
2.43 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bitcoin.lua
16.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bits.lua
1.82 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bittorrent.lua
40.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bjnp.lua
9.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
brute.lua
50.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cassandra.lua
5.78 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
citrixxml.lua
16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
coap.lua
76.24 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
comm.lua
10.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
creds.lua
18.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cvs.lua
3.13 KB
04/16/2018 01:11:39 AM
rw-r--r--
📁
data
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
datafiles.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
datetime.lua
1.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp.lua
29.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp6.lua
19.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dns.lua
51.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnsbl.lua
19.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnssd.lua
12.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
drda.lua
24.2 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eap.lua
7.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eigrp.lua
14.47 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
formulas.lua
5.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ftp.lua
9.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
geoip.lua
1.71 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
giop.lua
18.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
gps.lua
3.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
http.lua
105.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
httpspider.lua
36.15 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
iax2.lua
9.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ike.lua
15.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
imap.lua
9.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
informix.lua
39.76 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipOps.lua
26.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipmi.lua
10.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipp.lua
12.54 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
irc.lua
757 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
iscsi.lua
21.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
isns.lua
15.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
jdwp.lua
43.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
json.lua
11.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ldap.lua
31.86 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lfs.luadoc
1.68 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2-utility.lua
4.39 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2.luadoc
4.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
listop.lua
4.66 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg-utility.lua
5.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg.luadoc
351 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
ls.lua
10.96 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
match.lua
2.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
membase.lua
9.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mobileme.lua
8.46 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mongodb.lua
21.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mqtt.lua
28.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpc.lua
179.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpcperformance.lua
29.72 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpctypes.lua
167.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mssql.lua
110.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
multicast.lua
6.1 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mysql.lua
17.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
natpmp.lua
5.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ncp.lua
36 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ndmp.lua
11.58 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
netbios.lua
13.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nmap.luadoc
40.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nrpc.lua
4.42 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nsedebug.lua
3.49 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
omp2.lua
4.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
openssl.luadoc
7.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ospf.lua
15.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
packet.lua
36.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pcre.luadoc
6.79 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pgsql.lua
20.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pop3.lua
5.7 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pppoe.lua
29.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
proxy.lua
12.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rdp.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
re.lua
8.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
redis.lua
3.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rmi.lua
47.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpc.lua
106.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpcap.lua
11.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rsync.lua
5.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rtsp.lua
8.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sasl.lua
16.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
shortport.lua
8.01 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sip.lua
30.56 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
slaxml.lua
17.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb.lua
175.85 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb2.lua
16.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smbauth.lua
37.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smtp.lua
19.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
snmp.lua
15.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
socks.lua
8.26 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
srvloc.lua
12.25 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh1.lua
8.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh2.lua
11.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslcert.lua
33.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslv2.lua
9.63 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stdnse.lua
45.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strbuf.lua
4.52 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strict.lua
2.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stun.lua
11.51 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tab.lua
3.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
target.lua
3.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tftp.lua
9.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tls.lua
56.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tn3270.lua
43.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tns.lua
64.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unicode.lua
14.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unittest.lua
12.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unpwdb.lua
10.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
upnp.lua
11.18 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
url.lua
12.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
versant.lua
8.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vnc.lua
23.3 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vulns.lua
76.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vuzedht.lua
16.62 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
wsdd.lua
12.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xdmcp.lua
11.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xmpp.lua
15.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
Editing: membase.lua
Close
--- -- A smallish implementation of the Couchbase Membase TAP protocol -- Based on the scarce documentation from the Couchbase Wiki: -- * http://www.couchbase.org/wiki/display/membase/SASL+Authentication+Example -- -- @args membase.authmech SASL authentication mechanism to use. Default and -- currently supported: PLAIN -- -- @author Patrik Karlsson <patrik@cqure.net> -- local bin = require "bin" local match = require "match" local nmap = require "nmap" local sasl = require "sasl" local stdnse = require "stdnse" local table = require "table" _ENV = stdnse.module("membase", stdnse.seeall) -- A minimalistic implementation of the Couchbase Membase TAP protocol TAP = { -- Operations Op = { LIST_SASL_MECHS = 0x20, AUTHENTICATE = 0x21, }, -- Requests Request = { -- Header breakdown -- Field (offset) (value) -- Magic (0): 0x80 (PROTOCOL_BINARY_REQ) -- Opcode (1): 0x00 -- Key length (2-3): 0x0000 (0) -- Extra length (4): 0x00 -- Data type (5): 0x00 -- vbucket (6-7): 0x0000 (0) -- Total body (8-11): 0x00000000 (0) -- Opaque (12-15): 0x00000000 (0) -- CAS (16-23): 0x0000000000000000 (0) Header = { -- Creates a new instance of Header -- @param opcode number containing the operation -- @return o new instance of Header new = function(self, opcode) local o = { magic = 0x80, opcode = tonumber(opcode), keylen = 0x0000, extlen = 0x00, data_type = 0x00, vbucket = 0x0000, total_body = 0x00000000, opaque = 0x00000000, CAS = 0x0000000000000000, } setmetatable(o, self) self.__index = self return o end, -- Converts the header to string -- @return string containing the Header as string __tostring = function(self) return bin.pack(">CCSCCSIIL", self.magic, self.opcode, self.keylen, self.extlen, self.data_type, self.vbucket, self.total_body, self.opaque, self.CAS) end, }, -- List SASL authentication mechanism SASLList = { -- Creates a new instance of the request -- @return o instance of request new = function(self) local o = { -- 0x20 SASL List Mechs header = TAP.Request.Header:new(TAP.Op.LIST_SASL_MECHS) } setmetatable(o, self) self.__index = self return o end, -- Converts the request to string -- @return string containing the request as string __tostring = function(self) return tostring(self.header) end, }, -- Authenticates using SASL Authenticate = { -- Creates a new instance of the request -- @param username string containing the username -- @param password string containing the password -- @param mech string containing the SASL mechanism, currently supported: -- PLAIN - plain-text authentication -- @return o instance of request new = function(self, username, password, mech) local o = { -- 0x20 SASL List Mechs header = TAP.Request.Header:new(TAP.Op.AUTHENTICATE), username = username, password = password, mech = mech, } setmetatable(o, self) self.__index = self return o end, -- Converts the request to string -- @return string containing the request as string __tostring = function(self) if ( self.mech == "PLAIN" ) then local mech_params = { self.username, self.password } local auth_data = sasl.Helper:new(self.mech):encode(table.unpack(mech_params)) self.header.keylen = #self.mech self.header.total_body = #auth_data + #self.mech return tostring(self.header) .. self.mech .. auth_data end end, } }, -- Responses Response = { -- The response header -- Header breakdown -- Field (offset) (value) -- Magic (0): 0x81 (PROTOCOL_BINARY_RES) -- Opcode (1): 0x00 -- Key length (2-3): 0x0000 (0) -- Extra length (4): 0x00 -- Data type (5): 0x00 -- Status (6-7): 0x0000 (SUCCESS) -- Total body (8-11): 0x00000005 (5) -- Opaque (12-15): 0x00000000 (0) -- CAS (16-23): 0x0000000000000000 (0) Header = { -- Creates a new instance of Header -- @param data string containing the raw data -- @return o new instance of Header new = function(self, data) local o = { data = data } setmetatable(o, self) self.__index = self if ( o:parse() ) then return o end end, -- Parse the raw header and populates the class members -- @return status true on success, false on failure parse = function(self) if ( 24 > #self.data ) then stdnse.debug1("membase: Header packet too short (%d bytes)", #self.data) return false, "Packet to short" end local pos pos, self.magic, self.opcode, self.keylen, self.extlen, self.data_type, self.status, self.total_body, self.opaque, self.CAS = bin.unpack(">CCSCCSIIL", self.data) return true end }, -- Decoders Decoder = { -- TAP.Op.LIST_SASL_MECHS [0x20] = { -- Creates a new instance of the decoder -- @param data string containing the raw response -- @return o instance if successfully parsed, nil on failure -- the member variable <code>mechs</code> contains the -- supported authentication mechanisms. new = function(self, data) local o = { data = data } setmetatable(o, self) self.__index = self if ( o:parse() ) then return o end end, -- Parses the raw response -- @return true on success parse = function(self) self.mechs = self.data return true end }, -- Login response [0x21] = { -- Creates a new instance of the decoder -- @param data string containing the raw response -- @return o instance if successfully parsed, nil on failure -- the member variable <code>status</code> contains the -- servers authentication response. new = function(self, data) local o = { data = data } setmetatable(o, self) self.__index = self if ( o:parse() ) then return o end end, -- Parses the raw response -- @return true on success parse = function(self) self.status = self.data return true end } } }, } -- The Helper class is the main script interface Helper = { -- Creates a new instance of the helper -- @param host table as received by the action method -- @param port table as received by the action method -- @param options table including options to the helper, currently: -- <code>timeout</code> - socket timeout in milliseconds new = function(self, host, port, options) local o = { host = host, port = port, mech = stdnse.get_script_args("membase.authmech"), options = options or {} } setmetatable(o, self) self.__index = self return o end, -- Connects the socket to the server -- @return true on success, false on failure connect = function(self) self.socket = nmap.new_socket() self.socket:set_timeout(self.options.timeout or 10000) return self.socket:connect(self.host, self.port) end, -- Closes the socket close = function(self) return self.socket:close() end, -- Sends a request to the server, receives and parses the response -- @param req a Request instance -- @return status true on success, false on failure -- @return response instance of Response exch = function(self, req) local status, err = self.socket:send(tostring(req)) if ( not(status) ) then return false, "Failed to send data" end local data status, data = self.socket:receive_buf(match.numbytes(24), true) if ( not(status) ) then return false, "Failed to receive data" end local header = TAP.Response.Header:new(data) if ( header.opcode ~= req.header.opcode ) then stdnse.debug1("WARNING: Received invalid op code, request contained (%d), response contained (%d)", req.header.opcode, header.opcode) end if ( not(TAP.Response.Decoder[tonumber(header.opcode)]) ) then return false, ("No response handler for opcode: %d"):format(header.opcode) end local status, data = self.socket:receive_buf(match.numbytes(header.total_body), true) if ( not(status) ) then return false, "Failed to receive data" end local response = TAP.Response.Decoder[tonumber(header.opcode)]:new(data) if ( not(response) ) then return false, "Failed to parse response from server" end return true, response end, -- Gets list of supported SASL authentication mechanisms getSASLMechList = function(self) return self:exch(TAP.Request.SASLList:new()) end, -- Logins to the server -- @param username string containing the username -- @param password string containing the password -- @param mech string containing the SASL mechanism to use -- @return status true on success, false on failure -- @return response string containing "Auth failure" on failure login = function(self, username, password, mech) mech = mech or self.mech or "PLAIN" local status, response = self:exch(TAP.Request.Authenticate:new(username, password, mech)) if ( not(status) ) then return false, "Auth failure" end if ( response.status == "Auth failure" ) then return false, response.status end return true, response.status end, } return _ENV;