Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CICS Scripts additions and fixes #671

Closed
wants to merge 9 commits into from
Closed

CICS Scripts additions and fixes #671

wants to merge 9 commits into from

Conversation

mainframed
Copy link

@mainframed mainframed commented Jan 31, 2017
edited

This pull request adds/fixes the following

  • cics-enum support for testing transaction IDs with a valid username/password (transaction IDs that need auth can now be discovered)

  • cics-user-enum added support for RACF messages and other fixes

  • New cics-user-brute A new script for brute forcing CICS user IDs

  • New cics-info A new script which uses the CEMT cics transaction ID to gather system information.

dmiller-nmap
dmiller-nmap reviewed Mar 1, 2017
View reviewed changes
scripts/cics-user-brute.nse
self.tn3270:get_screen_debug(2)
end
-- Are we at the logon transaction?
if not (self.tn3270:find('SIGN ON TO CICS') or self.tn3270:find("Signon to CICS")) then
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we expand this to fully case-insensitive pattern match like [Ss][Ii][Gg][Nn] ?[Oo][Nn] [Tt][Oo] [Cc][Ii][Cc][Ss]? Would that be overkill, or a reasonable approach?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure. Though, could be better as:

[Ss]ign [Oo][Nn] [T][t] CICS

(im sure I didn't get it right but I think you get the idea)

nmap-bot pushed a commit that referenced this pull request Mar 1, 2017
@bonsaiviking
Fix a logic bug (and vs or) and extend usernames to 8 chars. See #671
36c0306
nmap-bot pushed a commit that referenced this pull request Mar 1, 2017
@bonsaiviking
New script cics-info. See #671
bed397a
@nmap-bot nmap-bot closed this in edcc648 Mar 1, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmiller-nmap dmiller-nmap dmiller-nmap left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mainframed @dmiller-nmap