Nmap domcon-cmd NSE Script
This page contains detailed information about how to use the domcon-cmd NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/domcon-cmd.nse
Script categories: intrusive, auth
Target service / protocol: dominoconsole, tcp
Target network port(s): 2050
List of CVEs: -
Script Description
The domcon-cmd.nse script runs a console command on the Lotus Domino Console using the given authentication credentials (see also: domcon-brute)
Domcon-cmd NSE Script Arguments
This is a full list of arguments supported by the domcon-cmd.nse script:
domcon-cmd.cmdThe command to run on the remote server
domcon-cmd.passThe password used to authenticate to the server
domcon-cmd.userThe user used to authenticate to the server
- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:
nmap --script=domcon-cmd --script-args domcon-cmd.cmd=value,domcon-cmd.pass=value <target>Domcon-cmd NSE Script Example Usage
Here's an example of how to use the domcon-cmd.nse script:
nmap -p 2050 <host> --script domcon-cmd --script-args domcon-cmd.cmd="show server", \
domcon-cmd.user="Patrik Karlsson",domcon-cmd.pass="secret"
Domcon-cmd NSE Script Example Output
Here's a sample output from the domcon-cmd.nse script:
PORT STATE SERVICE REASON
2050/tcp open unknown syn-ack
| domcon-cmd:
| show server
|
| Lotus Domino (r) Server (Release 8.5 for Windows/32) 2010-07-30 00:52:58
|
| Server name: server1/cqure - cqure testing server
| Domain name: cqure
| Server directory: C:\Program Files\IBM\Lotus\Domino\data
| Partition: C.Program Files.IBM.Lotus.Domino.data
| Elapsed time: 00:27:11
| Transactions/minute: Last minute: 0; Last hour: 0; Peak: 0
| Peak # of sessions: 0 at
| Transactions: 0 Max. concurrent: 20
| ThreadPool Threads: 20 (TCPIP Port)
| Availability Index: 100 (state: AVAILABLE)
| Mail Tracking: Not Enabled
| Mail Journalling: Not Enabled
| Number of Mailboxes: 1
| Pending mail: 0 Dead mail: 0
| Waiting Tasks: 0
| DAOS: Not Enabled
| Transactional Logging: Not Enabled
| Fault Recovery: Not Enabled
| Activity Logging: Not Enabled
| Server Controller: Enabled
| Diagnostic Directory: C:\Program Files\IBM\Lotus\Domino\data\IBM_TECHNICAL_SUPPORT
| Console Logging: Enabled (1K)
| Console Log File: C:\Program Files\IBM\Lotus\Domino\data\IBM_TECHNICAL_SUPPORT\console.log
|_ DB2 Server: Not Enabled
Domcon-cmd NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.
Author
- Patrik Karlsson
References
- https://nmap.org/nsedoc/scripts/domcon-cmd.html
- https://github.com/nmap/nmap/tree/master/scripts/domcon-cmd.nse
See Also
Related NSE scripts to the domcon-cmd.nse script:
Visit Nmap NSE Library for more scripts.
The domcon-cmd.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Failed to read line
Here is a relevant code snippet related to the "Failed to read line" error message:
73:
74: local lines
75: local result = {}
76: local status, line = socket:receive_lines(1)
77:
78: if ( not(status) ) then return false, "Failed to read line" end
79: lines = stringaux.strsplit( "\n", line )
80:
81: for _, line in ipairs( lines ) do
82: if ( not(line:match("BeginData")) and not(line:match("EndData")) ) then
83: table.insert(result, line)
No command supplied (see domcon-cmd.cmd)
Here is a relevant code snippet related to the "No command supplied (see domcon-cmd.cmd)" error message:
105: local result_part, result, cmds = {}, {}, {}
106: local user = stdnse.get_script_args('domcon-cmd.user')
107: local pass = stdnse.get_script_args('domcon-cmd.pass')
108: local cmd = stdnse.get_script_args('domcon-cmd.cmd')
109:
110: if( not(cmd) ) then return fail("No command supplied (see domcon-cmd.cmd)") end
111: if( not(user)) then return fail("No username supplied (see domcon-cmd.user)") end
112: if( not(pass)) then return fail("No password supplied (see domcon-cmd.pass)") end
113:
114: cmds = stringaux.strsplit(";%s*", cmd)
115:
No username supplied (see domcon-cmd.user)
Here is a relevant code snippet related to the "No username supplied (see domcon-cmd.user)" error message:
106: local user = stdnse.get_script_args('domcon-cmd.user')
107: local pass = stdnse.get_script_args('domcon-cmd.pass')
108: local cmd = stdnse.get_script_args('domcon-cmd.cmd')
109:
110: if( not(cmd) ) then return fail("No command supplied (see domcon-cmd.cmd)") end
111: if( not(user)) then return fail("No username supplied (see domcon-cmd.user)") end
112: if( not(pass)) then return fail("No password supplied (see domcon-cmd.pass)") end
113:
114: cmds = stringaux.strsplit(";%s*", cmd)
115:
116: socket:set_timeout(10000)
No password supplied (see domcon-cmd.pass)
Here is a relevant code snippet related to the "No password supplied (see domcon-cmd.pass)" error message:
107: local pass = stdnse.get_script_args('domcon-cmd.pass')
108: local cmd = stdnse.get_script_args('domcon-cmd.cmd')
109:
110: if( not(cmd) ) then return fail("No command supplied (see domcon-cmd.cmd)") end
111: if( not(user)) then return fail("No username supplied (see domcon-cmd.user)") end
112: if( not(pass)) then return fail("No password supplied (see domcon-cmd.pass)") end
113:
114: cmds = stringaux.strsplit(";%s*", cmd)
115:
116: socket:set_timeout(10000)
117: local status = socket:connect( host, port )
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
