Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


Library creds

The credential class stores found credentials in the Nmap registry

The credentials library may be used by scripts to store credentials in a common format in the nmap registry. The Credentials class serves as a primary interface for scripts to the library.

The State table keeps track of possible account states and a corresponding message to return for each state.

The following code illustrates how a script may add discovered credentials to the database:

local c = creds.Credentials:new( SCRIPT_NAME, host, port )
c:add("patrik", "secret", creds.State.VALID )

The following code illustrates how a script can return a table of discovered credentials at the end of execution:

return tostring(creds.Credentials:new(SCRIPT_NAME, host, port))

The following code illustrates how a script may iterate over discovered credentials:

local c = creds.Credentials:new(creds.ALL_DATA, host, port)
for cred in c:getCredentials(creds.State.VALID) do
  showContentForUser(cred.user, cred.pass)
end

The library also enables users to add credentials through script arguments either globally or per service. These credentials may be retrieved by script through the same functions as any other discovered credentials. Arguments passed using script arguments will be added with the PARAM state. The following code may be used by a scripts to retrieve these credentials:

local c = creds.Credentials:new(creds.ALL_DATA, host, port)
for cred in c:getCredentials(creds.State.PARAM) do
  ... do something ...
end

Any globally added credentials will be made available to all scripts, regardless of what service is being filtered through the host and port arguments when instantiating the Credentials class. Service specific arguments will only be made available to scripts with ports matching the service name. The following two examples illustrate how credentials are added globally and for the http service:

--script-args creds.global='admin:nimda'
--script-args creds.http='webadmin:password'

The service name at this point may be anything and the entry is created dynamically without validating whether the service exists or not.

The credential argument is not documented in this library using the <at>args function as the argument would incorrectly show up in all scripts making use of this library. This would show that credentials could be added to scripts that do not make use of this function. Therefore any scripts that make use of the credentials passing arguments need to have appropriate documentation added to them.

The following code illustrates how a script may save its discovered credentials to a file:

local c = creds.Credentials:new( SCRIPT_NAME, host, port )
c:add("patrik", "secret", creds.State.VALID )
status, err = c:saveToFile("outputname","csv")

Supported output formats are CSV, verbose and plain. In both verbose and plain records are separated by colons. The difference between the two is that verbose includes the credential state. The file extension is automatically added to the filename based on the type requested.

Author:
"Patrik Karlsson <patrik@cqure.net>"

Copyright© Same as Nmap--See http://nmap.org/book/man-legal.html

Source: http://nmap.org/svn/nselib/creds.lua

Functions

__lt (a, b)

Less-than operation for sorting

__tostring (self, host, port)

Get credentials with optional host and port filter If no filters are supplied all records are returned

Account.__tostring (self)

Converts an account object to a printable script

Account.new (self, username, password, state)

Creates a new instance of the Account class

add (self, user, pass, state)

Add a discovered credential

add (self, user, pass, state)

Add a discovered credential

getAll (self)

Returns a credential iterator matching the selected filters

getCredentials (self, state)

Returns a credential iterator

getTable (self)

Returns a table of credentials

new (self, scriptname, host, port)

Creates a new instance of the Credentials class

new (self, scriptname, host, port)

Creates a new instance of the Credentials class

setFilter (self, host, port, state)

Sets the storage filter

Tables

State

Table mapping the different account states to their number



Functions

__lt (a, b)

Less-than operation for sorting

Lexicographic comparison by user, pass, and state

Parameters

  • a:
  • b:
__tostring (self, host, port)

Get credentials with optional host and port filter If no filters are supplied all records are returned

Parameters

  • self:
  • host: table or string containing the host to filter
  • port: number containing the port to filter

Return value:

table suitable from stdnse.format_output
Account.__tostring (self)

Converts an account object to a printable script

Parameters

  • self:

Return value:

string representation of object
Account.new (self, username, password, state)

Creates a new instance of the Account class

Parameters

  • self:
  • username: containing the user's name
  • password: containing the user's password
  • state: A creds.State account state

Return value:

A new creds.Account object
add (self, user, pass, state)

Add a discovered credential

Parameters

  • self:
  • user: the name of the user
  • pass: the password of the user
  • state: of the account
add (self, user, pass, state)

Add a discovered credential

Parameters

  • self:
  • user: the name of the user
  • pass: the password of the user
  • state: of the account
getAll (self)

Returns a credential iterator matching the selected filters

Parameters

  • self:

Return value:

a credential iterator
getCredentials (self, state)

Returns a credential iterator

Parameters

  • self:
  • state: mask containing values from the State table

Return value:

credential iterator, returning a credential each time it's called. Unless filtered by the state mask all credentials for the host, port match are iterated over. The credential table has the following fields: host - table as received by the action function port - number containing the port number user - string containing the user name pass - string containing the user password state - a state number service - string containing the name of the service scriptname - string containing the name of the script that added the credential

See also:

getTable (self)

Returns a table of credentials

Parameters

  • self:

Return value:

tbl table containing the discovered credentials
new (self, scriptname, host, port)

Creates a new instance of the Credentials class

Parameters

  • self:
  • scriptname: string containing the name of the script
  • host: table as received by the scripts action method
  • port: table as received by the scripts action method
new (self, scriptname, host, port)

Creates a new instance of the Credentials class

Parameters

  • self:
  • scriptname: string containing the name of the script
  • host: table as received by the scripts action method
  • port: table as received by the scripts action method
setFilter (self, host, port, state)

Sets the storage filter

Parameters

  • self:
  • host: table containing the host
  • port: table containing the port
  • state: table containing the account state

Tables

State

Table mapping the different account states to their number

Also available is the StateMsg table, used to map these numbers to a description.

Fields
  • LOCKED: Account is locked
  • VALID: Valid credentials
  • DISABLED: Account is disabled
  • CHANGEPW: Valid credentials, password must be changed at next logon
  • PARAM: Credentials passed to script during Nmap execution
  • EXPIRED: Valid credentials, account expired
  • TIME_RESTRICTED: Valid credentials, account cannot log in at current time
  • HOST_RESTRICTED: Valid credentials, account cannot log in from current host
  • LOCKED_VALID: Valid credentials, account locked
  • DISABLED_VALID: Valid credentials, account disabled
  • HASHED: Hashed valid or invalid credentials

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault