search

ShawnDEvans / smbmap

SMBMap is a handy SMB enumeration tool
GNU General Public License v3.0
1.76k stars 343 forks source link

[!] Bummer: local variable 'priv_status' referenced before assignment #84

Closed relector-tuxnix closed 1 year ago

relector-tuxnix commented 1 year ago

Latest version (git head) needs to declare and assign value to 'priv_status' : priv_status

ShawnDEvans commented 1 year ago

Nuts, I'm not even sure that code path should be executing. I'm booked this week, but will try to get to it next week. Thanks for the report!!

On Wed, Jun 7, 2023, 1:50 AM Relector @.***> wrote:

Latest version (git head) needs to declare and assign value to 'priv_status' : [image: priv_status] https://user-images.githubusercontent.com/1979197/243925104-3c78e7d9-d7dd-4c7e-887d-ef320e7da393.png

— Reply to this email directly, view it on GitHub https://github.com/ShawnDEvans/smbmap/issues/84, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA6SKWGKFFGEIMKMESF2VZDXKAJD5ANCNFSM6AAAAAAY5K6Z6A . You are receiving this because you are subscribed to this thread.Message ID: @.***>

ShawnDEvans commented 1 year ago

I made sure the priv_status var was declared. Thanks again!

relector-tuxnix commented 1 year ago

Nice work. Thanks :+1:

shaaati commented 1 year ago

It seems that you pushed the fix for this issue after releasing v1.9.1 (even though it was before you increased the version number).

This results in Kali Linux (which in turn just uses the package from Debian Testing) showing an smbmap version of v1.9.1 which still is affected by this bug.

As far as "I'm not even sure that code path should be executing": I encountered this on two recent penetration testing assignments. While the "buggy" package worked against a Synology NAS, it failed when trying to list SMB shares on a Windows domain controller.

Would it be possible to simply push a new bugfix release that incorporates the fix, which would then be used by Debian as the source for a new package?

felix4webscience commented 11 months ago

Hi, any news about the issue recalled by @shaaati? I run into the same problem...

ShawnDEvans commented 11 months ago

I recently pushed some updates that should have addressed this. The "priv_status" variable was declared before use, addressed some other bugs, and tagged a new release. Did you update to the latest release? Let me know and I'll dig back in if I closed this one too early. Thanks!

shaaati commented 11 months ago

Looks good to me. It seems you pushed 1.9.2 the same day I made my comment. Maybe that overlapped. I guess the next step is to get Debian to build a new package based on 1.9.2, but there's nothing that you need to do.