Nmap Development mailing list archives
Re: Version detection output - script vs normal
From: Fyodor <fyodor () insecure org>
Date: Wed, 4 Nov 2009 01:15:38 -0800
On Fri, Oct 30, 2009 at 12:23:55PM -0500, Tom Sellers wrote:
nmap -sV --version-all --script=custom-script.nse -p60000 192.168.100.111

PORT      STATE SERVICE VERSION
60000/tcp open  custom  MyServ Server 10.33.22 (Solaris)
| custom-script: MyServ Version: 10.33.22
|_ Server Platform: Solaris

nmap --script=custom-script.nse -p60000 192.168.100.111

PORT      STATE SERVICE
60000/tcp open  custom
| custom-script: MyServ Version: 10.33.22
|_ Server Platform: Solaris
Hi Tom. As you noticed, Nmap only includes the version information if version detection or RPC scanning were requested ("if (o.servicescan || o.rpcscan)"). But you're right that there is a special case where someone could not specify these, but run a script which populates the version detection results.

I don't think we want to include the "SERVICE" column in all cases that NSE was requested, as this USUALLY doesn't happen. We could maybe add some smarts so that Nmap detects this case and prints the VERSION column anyway if this happens (maybe on a target by target basis). But I'm not sure this scenario is common enough to warrant this.

So for now, I'm afraid you just have to use -sV if you want the version information. But you could always specify "--version-intensity 0" to speed it up. Or even pass a nearly empty probes file. Or, if you (or anyone) wants to suggest a patch to handle this case differently, I'd be happy to look at it.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/