Nmap Development mailing list archives
XML service fingerprint output patch
From: "Brandon Enright" <bmenrigh () ucsd edu>
Date: Sat, 4 Feb 2006 08:02:27 -0000
Developers, I've always found the service fingerprints that get outputted to the screen for unknown services with -sV to be extremely useful even in their raw form. Grepping through them has found innumerable compromised machines on our networks. This patch addresses their availability in XML output. For each <service> element if the service has a fingerprint it is included in a new attribute named "servicefp". They service fingerprints have been cleaned up a little so they are more XML and database ready. The patch includes the necessary changes to the DTD released with 4.0 so that the documents are valid and well defined. Although I haven't tested these changes against the current Nmap::Parser perl module or other Nmap-specific parsers, the changes are small, valid XML that should not effect any current parsing. The DTD changes include several fixes that aren't service fingerprint specific. This includes the changes I submitted yesterday and a few more. If for some reason it is decided that this patch won't be applied to Nmap, I'll send a patch for the DTD that doesn't include the service fingerprint parts. Hope this is useful! Brandon -- Brandon Enright UCSD ACS/Network Operations bmenrigh () ucsd edu
Attachment:
xml_sf_output.patch.txt
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- XML service fingerprint output patch Brandon Enright (Feb 04)