Nmap Development mailing list archives
Re: Microsoft SQL Server fingerprint question
From: Tom Sellers <nmap () fadedcode net>
Date: Fri, 04 Jan 2008 22:17:10 -0600
doug () hcsw org wrote:
On Fri, Jan 04, 2008 at 07:52:45PM -0600 or thereabouts, Tom Sellers wrote:Doug, Is there a listing of the helper functions somewhere? I am almost ready to post the info on the MS SQL probe/match lines. If it is possible to do a hex to decimal conversion of a substring in the match line I could return exact program versions.Hi Tom, The only helper functions are currently $P() and $SUBST(). However, I just hacked up a quick patch that adds $HEX2DEC(). I'm attaching the patch. Please let me know if it works for you. Here is an example: match test m|^Version (\w\w)\w| v/$HEX2DEC(1)/ If this sees "Version 7FA" then the version field will be "127". This is what you meant, right? Best, Doug ------------------------------------------------------------------------
Yes, that is exactly what I was looking for. I will try to test this out tomorrow and see if I can produce MS SQL fingerprints that generate exact version strings. Thanks! Tom _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Microsoft SQL Server fingerprint question Tom Sellers (Jan 03)
- Re: Microsoft SQL Server fingerprint question doug (Jan 03)
- Message not available
- Re: Microsoft SQL Server fingerprint question doug (Jan 04)
- Re: Microsoft SQL Server fingerprint question Tom Sellers (Jan 04)
- Message not available
- Re: Microsoft SQL Server fingerprint question doug (Jan 03)
- Re: Microsoft SQL Server fingerprint question Fyodor (Jan 04)
- Re: Microsoft SQL Server fingerprint question doug (Jan 06)