OXIESEC PANEL
- Current Dir:
/
/
usr
/
share
/
nmap
/
nselib
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
afp.lua
71.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ajp.lua
16.69 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
amqp.lua
10.5 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
anyconnect.lua
4.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
asn1.lua
14.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base32.lua
7.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base64.lua
5.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bin.lua
12.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bit.lua
2.43 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bitcoin.lua
16.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bits.lua
1.82 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bittorrent.lua
40.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bjnp.lua
9.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
brute.lua
50.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cassandra.lua
5.78 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
citrixxml.lua
16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
coap.lua
76.24 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
comm.lua
10.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
creds.lua
18.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cvs.lua
3.13 KB
04/16/2018 01:11:39 AM
rw-r--r--
📁
data
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
datafiles.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
datetime.lua
1.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp.lua
29.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp6.lua
19.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dns.lua
51.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnsbl.lua
19.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnssd.lua
12.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
drda.lua
24.2 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eap.lua
7.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eigrp.lua
14.47 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
formulas.lua
5.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ftp.lua
9.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
geoip.lua
1.71 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
giop.lua
18.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
gps.lua
3.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
http.lua
105.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
httpspider.lua
36.15 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
iax2.lua
9.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ike.lua
15.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
imap.lua
9.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
informix.lua
39.76 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipOps.lua
26.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipmi.lua
10.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipp.lua
12.54 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
irc.lua
757 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
iscsi.lua
21.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
isns.lua
15.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
jdwp.lua
43.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
json.lua
11.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ldap.lua
31.86 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lfs.luadoc
1.68 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2-utility.lua
4.39 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2.luadoc
4.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
listop.lua
4.66 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg-utility.lua
5.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg.luadoc
351 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
ls.lua
10.96 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
match.lua
2.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
membase.lua
9.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mobileme.lua
8.46 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mongodb.lua
21.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mqtt.lua
28.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpc.lua
179.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpcperformance.lua
29.72 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpctypes.lua
167.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mssql.lua
110.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
multicast.lua
6.1 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mysql.lua
17.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
natpmp.lua
5.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ncp.lua
36 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ndmp.lua
11.58 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
netbios.lua
13.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nmap.luadoc
40.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nrpc.lua
4.42 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nsedebug.lua
3.49 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
omp2.lua
4.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
openssl.luadoc
7.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ospf.lua
15.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
packet.lua
36.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pcre.luadoc
6.79 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pgsql.lua
20.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pop3.lua
5.7 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pppoe.lua
29.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
proxy.lua
12.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rdp.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
re.lua
8.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
redis.lua
3.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rmi.lua
47.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpc.lua
106.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpcap.lua
11.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rsync.lua
5.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rtsp.lua
8.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sasl.lua
16.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
shortport.lua
8.01 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sip.lua
30.56 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
slaxml.lua
17.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb.lua
175.85 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb2.lua
16.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smbauth.lua
37.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smtp.lua
19.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
snmp.lua
15.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
socks.lua
8.26 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
srvloc.lua
12.25 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh1.lua
8.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh2.lua
11.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslcert.lua
33.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslv2.lua
9.63 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stdnse.lua
45.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strbuf.lua
4.52 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strict.lua
2.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stun.lua
11.51 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tab.lua
3.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
target.lua
3.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tftp.lua
9.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tls.lua
56.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tn3270.lua
43.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tns.lua
64.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unicode.lua
14.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unittest.lua
12.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unpwdb.lua
10.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
upnp.lua
11.18 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
url.lua
12.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
versant.lua
8.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vnc.lua
23.3 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vulns.lua
76.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vuzedht.lua
16.62 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
wsdd.lua
12.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xdmcp.lua
11.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xmpp.lua
15.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
Editing: upnp.lua
Close
--- A UPNP library based on code from upnp-info initially written by -- Thomas Buchanan. The code was factored out from upnp-info and partly -- re-written by Patrik Karlsson <patrik@cqure.net> in order to support -- multicast requests. -- -- The library supports sending UPnP requests and decoding the responses -- -- The library contains the following classes -- * <code>Comm</code> -- ** A class that handles communication with the UPnP service -- * <code>Helper</code> -- ** The helper class wraps the <code>Comm</code> class using functions with a more descriptive name. -- * <code>Util</code> -- ** The <code>Util</code> class contains a number of static functions mainly used to convert and sort data. -- -- The following code snippet queries all UPnP services on the network: -- <code> -- local helper = upnp.Helper:new() -- helper:setMulticast(true) -- return stdnse.format_output(helper:queryServices()) -- </code> -- -- This next snippet queries a specific host for the same information: -- <code> -- local helper = upnp.Helper:new(host, port) -- return stdnse.format_output(helper:queryServices()) -- </code> -- -- -- @author Thomas Buchanan -- @author Patrik Karlsson <patrik@cqure.net> -- -- Version 0.1 -- local http = require "http" local ipOps = require "ipOps" local nmap = require "nmap" local stdnse = require "stdnse" local string = require "string" local table = require "table" local target = require "target" _ENV = stdnse.module("upnp", stdnse.seeall) Util = { --- Compare function used for sorting IP-addresses -- -- @param a table containing first item -- @param b table containing second item -- @return true if a is less than b ipCompare = function(a, b) return ipOps.compare_ip(a, "lt", b) end, } Comm = { --- Creates a new Comm instance -- -- @param host string containing the host name or ip -- @param port number containing the port to connect to -- @return o a new instance of Comm new = function( self, host, port ) local o = {} setmetatable(o, self) self.__index = self o.host = host o.port = port o.mcast = false return o end, --- Connect to the server -- -- @return status true on success, false on failure connect = function( self ) if ( self.mcast ) then self.socket = nmap.new_socket("udp") self.socket:set_timeout(5000) else self.socket = nmap.new_socket() self.socket:set_timeout(5000) local status, err = self.socket:connect(self.host, self.port, "udp" ) if ( not(status) ) then return false, err end end return true end, --- Send the UPNP discovery request to the server -- -- @return status true on success, false on failure sendRequest = function( self ) -- for details about the UPnP message format, see http://upnp.org/resources/documents.asp local payload = 'M-SEARCH * HTTP/1.1\r\n\z Host:239.255.255.250:1900\r\n\z ST:upnp:rootdevice\r\n\z Man:"ssdp:discover"\r\n\z MX:3\r\n\r\n' local status, err if ( self.mcast ) then status, err = self.socket:sendto( self.host, self.port, payload ) else status, err = self.socket:send( payload ) end if ( not(status) ) then return false, err end return true end, --- Receives one or multiple UPNP responses depending on whether -- <code>setBroadcast</code> was enabled or not. -- -- The function returns the -- status and a response containing: -- * an array (table) of responses if broadcast is used -- * a single response if broadcast is not in use -- * an error message if status was false -- -- @return status true on success, false on failure -- @return result table or string containing results or error message -- on failure. receiveResponse = function( self ) local status, response local result = {} local host_responses = {} repeat status, response = self.socket:receive() if ( not(status) and #response == 0 ) then return false, response elseif( not(status) ) then break end local status, _, _, ip, _ = self.socket:get_info() if ( not(status) ) then return false, "Failed to retrieve socket information" end if target.ALLOW_NEW_TARGETS then target.add(ip) end if ( not(host_responses[ip]) ) then local status, output = self:decodeResponse( response ) if ( not(status) ) then return false, "Failed to decode UPNP response" end output = { output } output.name = ip table.insert( result, output ) host_responses[ip] = true end until ( not( self.mcast ) ) if ( self.mcast ) then table.sort(result, Util.ipCompare) return true, result end if ( status and #result > 0 ) then return true, result[1] else return false, "Received no responses" end end, --- Processes a response from a upnp device -- -- @param response as received over the socket -- @return status boolean true on success, false on failure -- @return response table or string suitable for output or error message if status is false decodeResponse = function( self, response ) local output = {} if response ~= nil then -- We should get a response back that has contains one line for the server, and one line for the xml file location -- these match any combination of upper and lower case responses local server, location server = string.match(response, "[Ss][Ee][Rr][Vv][Ee][Rr]:%s*(.-)\r?\n") if server ~= nil then table.insert(output, "Server: " .. server ) end location = string.match(response, "[Ll][Oo][Cc][Aa][Tt][Ii][Oo][Nn]:%s*(.-)\r?\n") if location ~= nil then table.insert(output, "Location: " .. location ) local v = nmap.verbosity() -- the following check can output quite a lot of information, so we require at least one -v flag if v > 0 then local status, result = self:retrieveXML( location ) if status then table.insert(output, result) end end end if #output > 0 then return true, output else return false, "Could not decode response" end end end, --- Retrieves the XML file that describes the UPNP device -- -- @param location string containing the location of the XML file from the UPNP response -- @return status boolean true on success, false on failure -- @return response table or string suitable for output or error message if status is false retrieveXML = function( self, location ) local response local options = {} options['header'] = {} options['header']['Accept'] = "text/xml, application/xml, text/html" -- if we're in multicast mode, or if the user doesn't want us to override the IP address, -- just use the HTTP library to grab the XML file if ( self.mcast or ( not self.override ) ) then response = http.get_url( location, options ) else -- otherwise, split the location into an IP address, port, and path name for the xml file local xhost, xport, xfile xhost = string.match(location, "http://(.-)/") -- check to see if the host portion of the location specifies a port -- if not, use port 80 as a standard web server port if xhost ~= nil and string.match(xhost, ":") then xport = string.match(xhost, ":(.*)") xhost = string.match(xhost, "(.*):") end -- check to see if the IP address returned matches the IP address we scanned if xhost ~= self.host.ip then stdnse.debug1("IP addresses did not match! Found %s, using %s instead.", xhost, self.host.ip) xhost = self.host.ip end if xport == nil then xport = 80 end -- extract the path name from the location field, but strip off the \r that HTTP servers return xfile = string.match(location, "http://.-(/.-)\013") if xfile ~= nil then response = http.get( xhost, xport, xfile, options ) end end if response ~= nil then local output = {} -- extract information about the webserver that is handling responses for the UPnP system local webserver = response['header']['server'] if webserver ~= nil then table.insert(output, "Webserver: " .. webserver) end -- the schema for UPnP includes a number of <device> entries, which can a number of interesting fields for device in string.gmatch(response['body'], "<deviceType>(.-)</UDN>") do local fn, mnf, mdl, nm, ver fn = string.match(device, "<friendlyName>(.-)</friendlyName>") mnf = string.match(device, "<manufacturer>(.-)</manufacturer>") mdl = string.match(device, "<modelDescription>(.-)</modelDescription>") nm = string.match(device, "<modelName>(.-)</modelName>") ver = string.match(device, "<modelNumber>(.-)</modelNumber>") if fn ~= nil then table.insert(output, "Name: " .. fn) end if mnf ~= nil then table.insert(output,"Manufacturer: " .. mnf) end if mdl ~= nil then table.insert(output,"Model Descr: " .. mdl) end if nm ~= nil then table.insert(output,"Model Name: " .. nm) end if ver ~= nil then table.insert(output,"Model Version: " .. ver) end end return true, output else return false, "Could not retrieve XML file" end end, --- Enables or disables multicast support -- -- @param mcast boolean true if multicast is to be used, false otherwise setMulticast = function( self, mcast ) assert( type(mcast)=="boolean", "mcast has to be either true or false") self.mcast = mcast local family = nmap.address_family() self.host = (family=="inet6" and "FF02::C" or "239.255.255.250") self.port = 1900 end, --- Closes the socket close = function( self ) self.socket:close() end } Helper = { --- Creates a new helper instance -- -- @param host string containing the host name or ip -- @param port number containing the port to connect to -- @return o a new instance of Helper new = function( self, host, port ) local o = {} setmetatable(o, self) self.__index = self o.comm = Comm:new( host, port ) return o end, --- Enables or disables multicast support -- -- @param mcast boolean true if multicast is to be used, false otherwise setMulticast = function( self, mcast ) self.comm:setMulticast(mcast) end, --- Enables or disables whether the script will override the IP address is the Location URL -- -- @param override boolean true if override is to be enabled, false otherwise setOverride = function( self, override ) assert( type(override)=="boolean", "override has to be either true or false") self.comm.override = override end, --- Sends a UPnP queries and collects a single or multiple responses -- -- @return status true on success, false on failure -- @return result table or string containing results or error message -- on failure. queryServices = function( self ) local status, err = self.comm:connect() local response if ( not(status) ) then return false, err end status, err = self.comm:sendRequest() if ( not(status) ) then return false, err end status, response = self.comm:receiveResponse() self.comm:close() return status, response end, } return _ENV;