Re: Nmap with Common Platform Enumeration

[David Fifield <david () bamsoftware com>]

On Fri, Dec 05, 2008 at 01:19:01PM +0100, A. Ramos wrote:
> As everybody knows, Nmap can be used to do a network infrastructure
> inventory, running it with OS and applications fingerprinting (-O,
> -sV), but the output from this is not compatible with other tools.
>
> What about using CPE (http://cpe.mitre.org/) to print the output from
> the results?

That is an interesting idea. I had to look at the specification
(http://cpe.mitre.org/files/cpe-specification_2.1.pdf) to see what CPE
looks like. It's a machine-readable way of naming operating systems,
applications, and hardware. A CPE name for an operating system looks
like

        cpe:/o:microsoft:windows_xp:::pro
        cpe:/o:redhat:enterprise_linux:4:update4

For an application it could be

        cpe:/a:apache:httpd:2.0.52

And they give an example for a piece of hardware:

        cpe:/h:cisco:router:3825

Nmap already has a machine-readable description of the OS in its
Class Vendor | Name | Family | Device type
lines. A script could likely transform these into CPE, though some
information such as service pack numbers is only in the human-readable
Fingerprint line.

Can you give us examples of applications that use CPE?

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org