Nmap Development mailing list archives
service detection thoughts
From: "Andy Lutomirski" <Luto () mailandnews com>
Date: Wed, 23 Aug 2000 10:06:07 -0700
I imagine some sort of tree structure, where each node builds on data from the previous node. Nmap could include logic to never try the same node twice, and each node could contain some script for what to do. For example (in pseudocodeish):

    root:
      tcp_connect:
        begin script
          $out = read(100 bytes, magic (see below))
          if $out =~ /E?SMTP/i
            SMTP()          ; try SMTP branch
          if ...
          HELO()
        end script

      SMTP:
        begin script
          version test
          if failed break;  (go back to tcp_connect)
          if success return SMTP
        end script
      end SMTP

      HELO:
        begin script
          send "HELO<CRLF>"
          $y = read(100 bytes or CRLF)
          if y =~ /some SMTP response here/
            SMTP()          ; this will skip if SMTP was already tried
          ? ...
        end script
      end HELO
    end root

The "magic" read could simply wait for a non-full TCP segment (not so easy, but a simple way to detect the end of remote transmission, assuming that Nagle is in use).

Perhaps the script could simply be perl (open-source, freeware, good regex support, perhaps too big).

My .02c.

Andy
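An added illustration (my own sketch, not Andy's code and not anything from Nmap) of the node tree described above in Python: each node runs at most once per connection, the root's first read stands in for the "magic" banner read, and a constructed fake connection plays the server side so it runs offline. The FakeConn class, the node names, the 220/250 checks and the HELO reply table are all assumptions.

```python
import re

class FakeConn:
    """Constructed stand-in for a TCP connection: a scripted banner plus a
    table mapping bytes we send to the bytes the 'server' answers with."""
    def __init__(self, banner, replies):
        self.banner, self.replies, self.sent = banner, replies, []
    def read(self, n=100):               # real code would wait for a short segment
        data, self.banner = self.banner[:n], self.banner[n:]
        return data
    def send(self, data):
        self.sent.append(data)
        self.banner += self.replies.get(data, b"")

class Detector:
    """Tree of probe nodes; a node that has already been tried is skipped."""
    def __init__(self, conn):
        self.conn, self.tried, self.data = conn, set(), b""
    def run(self, node):
        if node in self.tried:           # 'never try the same node twice'
            return None
        self.tried.add(node)
        return getattr(self, "node_" + node)()
    def node_root(self):                 # tcp_connect: the 'magic' banner read
        self.data += self.conn.read(100)
        if re.search(rb"E?SMTP", self.data, re.I):
            result = self.run("smtp")    # try SMTP branch first
            if result:
                return result
        return self.run("helo")          # fall through to active probing
    def node_smtp(self):                 # 'version test': pull the 220 greeting host
        m = re.match(rb"220[ -](\S+)", self.data)
        return ("smtp", m.group(1).decode()) if m else None
    def node_helo(self):
        self.conn.send(b"HELO probe\r\n")
        self.data += self.conn.read(100)
        if re.search(rb"^250[ -]", self.data, re.M):
            # SMTP() is skipped if it already ran; a 250 still proves SMTP
            return self.run("smtp") or ("smtp", "helo-only")
        return None

def detect(banner, replies):
    """Run the tree against a constructed banner/reply table; None = unknown."""
    return Detector(FakeConn(banner, replies)).run("root")
```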