Nmap Development mailing list archives
Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions
From: David Fifield <david () bamsoftware com>
Date: Fri, 10 Jul 2009 16:44:14 -0600
On Fri, Jul 10, 2009 at 12:07:11PM -0700, Aaron Leininger wrote:
No authentication needed? Am I the only one who thinks this screams for a simple, non-default display hacking NSE script? nmap --script jetdirect-display --script-args 'msg=I haZ Pwn3d yur prInt3r#@$#' printer.corp.comAsk and you shall receive!(sorry this took 4 months. Didn't have the time to sit down and hash this out til now) I believe I have a simple script that uses something very near to your syntax that will set the display on most HP LaserJet printers. I have tested the script against an HP LaserJet 4100 (not case sensitive. message always appears in full caps) and a 5si (is case sensitive. displays message using the caps/lower case sent to it) If no arguments are provided, the script will simply set the display to 'READY' which is the default.
I think this script can be included. I have some suggestion. To fit in with the naming conventions of the other script, it should have a name like pjl-ready-message. The id variable is no longer used and should be removed. The name "msg" is too general for the script arg name. Maybe it can be pjl.ready-message or pjl-ready-message.message. Those are a bit long, but it should be something that identifies it as belonging to this script. For example usage and script args, use NSEDoc like this: --- -- @arg pjl.ready-message Ready message to display. -- @output -- 9100/tcp open jetdirect -- |_ hprdymsg: "p0wn3d pr1nt3r" was set as the display for printer at 10.4.10.77 -- @usage -- nmap --script=pjl-ready-message.nse \ -- --script-args='pjl.ready-message="your message here"' Does the port return any message to say whether the message was set successfully? If so you should check it and state the result in the return value. Otherwise it could be a discard server on port 9100 and the script will still say "'...' was set as the display". comm.exchange is an easy way to make a transaction like this.
I put this script in the intrusive category for lack of a better spot. Please let me know where it belongs if not there.
intrusive seems about right. Maybe we'll need a new category for scripts that actively change the state of the remote host. (Not counting the vulnerability scripts that sometimes crash them.) David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- RE: [PATCH] nmap-service-probes: Misc database corrections, printer additions Aaron Leininger (Jul 10)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions David Fifield (Jul 10)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions David Fifield (Jul 10)
- RE: [PATCH] nmap-service-probes: Misc database corrections, printer additions Aaron Leininger (Jul 12)
- RE: [PATCH] nmap-service-probes: Misc database corrections, printer additions Aaron Leininger (Jul 13)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions David Fifield (Jul 13)
- RE: [PATCH] nmap-service-probes: Misc database corrections, printer additions Aaron Leininger (Jul 14)
- RE: [PATCH] nmap-service-probes: Misc database corrections, printer additions Aaron Leininger (Jul 15)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions Fyodor (Jul 15)
- RE: [PATCH] nmap-service-probes: Misc database corrections, printer additions Aaron Leininger (Jul 16)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions Brandon Enright (Jul 16)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions David Fifield (Jul 10)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions David Fifield (Jul 10)
- Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions David Fifield (Jul 16)