Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft SQL Server fingerprint question

From: Tom Sellers <nmap () fadedcode net>
Date: Fri, 04 Jan 2008 22:17:10 -0600
doug () hcsw org wrote:

On Fri, Jan 04, 2008 at 07:52:45PM -0600 or thereabouts, Tom Sellers wrote:

Doug,

     Is there a listing of the helper functions somewhere?  I am almost
ready to post the info on the MS SQL probe/match lines.  If it is possible
to do a hex to decimal conversion of a substring in the match line I could
return exact program versions.


Hi Tom,

The only helper functions are currently $P() and $SUBST(). However, I just
hacked up a quick patch that adds $HEX2DEC(). I'm attaching the patch. Please
let me know if it works for you. Here is an example:

match test m|^Version (\w\w)\w| v/$HEX2DEC(1)/

If this sees "Version 7FA" then the version field will be "127". This is
what you meant, right?

Best,

Doug


------------------------------------------------------------------------


Yes, that is exactly what I was looking for.  I will try to test this out
tomorrow and see if I can produce MS SQL fingerprints that generate
exact version strings.

Thanks!


Tom

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: