Request: encrypted BitTorrent version script

[David Fifield <david () bamsoftware com>]

Hi all,

I'm just about finished integrating service fingerprint submissions from
the past year. There were a lot of submissions for a protocol that I was
unable to make an entry for: encrypted BitTorrent. Wikipedia has an
article: http://en.wikipedia.org/wiki/BitTorrent_protocol_encryption.

The SMBProgNeg probe seems to get a response from client programs like
Deluge, Transmission, ktorrent, and others. The listening port tends to
be a random high-numbered port.

We have the skypev2-version.nse that can detect another encrypted
protocol. Even if we had a similar script for BitTorrent, one that said
"this is encrypted BitTorrent" and nothing else, that would be good. But
as this protocol is presumably documented, maybe we can do a real
protocol negotiation and learn more.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/