Script cics-info

Script types: portrule
Categories: discovery, safe
Download: https://svn.nmap.org/nmap/scripts/cics-info.nse

Script Summary

Using the CICS transaction CEMT, this script attempts to gather information about the current CICS transaction server region. It gathers OS information, datasets (files), transactions and user IDs. Based on the CICSpwn script by Ayoub ELAASSAL.

Script Arguments

cics-info.trans

Instead of gathering all transaction IDs, supplying a name here makes the script look up only that one transaction ID.

cics-info.pass

Password to use if access to CEMT requires authentication

cics-info.cemt

CICS Transaction ID to be used. Default is CEMT

cics-info.user

Username to use if access to CEMT requires authentication

cics-info.commands

Command used to access CICS. Default is cics

Example Usage

nmap --script=cics-info -p 23 <targets>

nmap --script=cics-info --script-args cics-info.commands='logon applid(coolcics)',\
cics-info.user=test,cics-info.pass=test,cics-info.cemt='ZEMT',\
cics-info.trans=CICA -p 23 <targets>

Script Output

PORT   STATE SERVICE VERSION
23/tcp open  tn3270  IBM Telnet TN3270 (TN3270E)
| cics-info:
|   Security: Disabled
|   System:
|     z/OS Version: 02.01.00
|     CICS Version: 05.02.00
|     System ID: CICS
|     Application ID: CICSFAKE
|     Default User: USERCICS
|   Datasets:
|     CICS.FILEA
|     HLQ123.CICS.DFHCSD
|     HLQ123.CICS.DFHLRQ
|   Libraries:
|     HLQ123.CICS.SDFHLOAD
|   Users:
|     USERCICS
|   Transaction / Program:
|     AADD / DFH$AALL
|     ABRW / DFH$ABRW
|     AINQ / DFH$AALL
|     AMNU / DFH$AMNU
|     AORD / DFH$AREN
|     AORQ / DFH$ACOM
|     AREP / DFH$AREP
|     AUPD / DFH$AALL
|     CADP / DFHDPLU
...
|     CEDX / DFHEDFP
|     CEGN / DFHCEGN
|     CEHP / DFHCHS
|     CEHS / DFHCHS
|     CEJR / DFHEJITL
|     CEMN / DFHCEMNA
|     CEMT / DFHEMTP
|     CEOT / DFHEOTP
|     CXRT / DFHCRT
|     DSNC / DFHD2CM1
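
For a region you operate, the output above can be turned into a structured report and compared against a baseline. The Python below is an added example, not part of the script or the Nmap project; the sample text is a constructed, shortened copy of the output above, and `audit` with its `allowed_trans` allowlist is a hypothetical helper.

```python
# Added example: constructed sample, a shortened copy of the output above.
SAMPLE = """\
PORT   STATE SERVICE VERSION
23/tcp open  tn3270  IBM Telnet TN3270 (TN3270E)
| cics-info:
|   Security: Disabled
|   System:
|     z/OS Version: 02.01.00
|     CICS Version: 05.02.00
|   Users:
|     USERCICS
|   Transaction / Program:
|     AADD / DFH$AALL
|     CEMT / DFHEMTP
|_    DSNC / DFHD2CM1
"""


def parse_cics_info(text):
    """Parse one port's cics-info block into {section: str or list of str}."""
    report, section, in_block = {}, None, False
    for raw in text.splitlines():
        if not raw.startswith("|"):
            continue  # port table rows and "..." elisions are skipped
        # Nmap marks a script's final line with "|_"; treat "_" as a space.
        line = " " + raw[2:] if raw.startswith("|_") else raw[1:]
        indent = len(line) - len(line.lstrip(" "))
        body = line.strip()
        if indent == 1:  # script header such as "| cics-info:"
            in_block = body == "cics-info:"
        elif in_block and indent == 3:  # "Security: Disabled" or "Users:"
            section, _, value = (p.strip() for p in body.partition(":"))
            report[section] = value or []
        elif in_block and indent >= 5 and isinstance(report.get(section), list):
            report[section].append(body)
    return report


def audit(report, allowed_trans):
    """Hypothetical baseline check: allowed_trans is the operator's allowlist."""
    findings = []
    if str(report.get("Security", "")).lower() == "disabled":
        findings.append("Security: Disabled reported by the region")
    for entry in report.get("Transaction / Program", []):
        tran, _, program = (p.strip() for p in entry.partition("/"))
        if tran not in allowed_trans:
            findings.append(f"unexpected transaction {tran} -> {program}")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_cics_info(SAMPLE), {"AADD", "DSNC"}):
        print(finding)
```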

Requires


Author:

  • Philip Young aka Soldier of Fortran

License: Same as Nmap--See https://nmap.org/book/man-legal.html