Nmap Development mailing list archives
Re: afp-serverinfo.nse script -- new AFP library
From: David Fifield <david () bamsoftware com>
Date: Mon, 29 Mar 2010 14:33:55 -0600
On Wed, Feb 10, 2010 at 12:10:12AM -0600, Andrew Orr wrote:
I wrote an nse script that queries an AFP (Apple Filing Protocol) server (TCP 548) for basic server information. Mostly to practice my lua/nse, but it may be useful for some, so here it is.

Attached is the script itself as well as a patch to nselib/afp.lua against svn revision 16706 (latest as of half hour ago or so).

I'm somewhat new to lua and nse so if there is anything blatantly wrong with how I'm doing things please let me know. The bulk of the code is in afp.lua.patch. It is well commented, especially the hackish parts :)

Also if someone could test this out and let me know if it doesn't work on certain servers, that would be great.

@Patrik: I fixed the null byte bug and it should work on all your test machines now.

P.S. Here's some example outputs from three machines, one running OS X 10.6.1 (localhost), one running Ubuntu 9.10 and netatalk 2.0.4~beta2-5ubuntu2 (172...) and one running on iPhone OS 3.1.2 and netatalk 2.0.4 (192...)

$ ./nmap -p 548 --script=afp-serverinfo.nse localhost 192.168.1.103 172.16.201.131

Starting Nmap 5.21 ( http://nmap.org ) at 2010-02-09 23:43 CST
NSE: Script Scanning completed.
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00022s latency).
PORT STATE SERVICE
548/tcp open afp
| afp-serverinfo:
| | Server Flags: 0x8ffb
| | Super Client: Yes
| | UUIDs: No
| | UTF8 Server Name: Yes
| | Open Directory: Yes
| | Reconnect: Yes
| | Server Notifications: No
| | TCP/IP: No
| | Server Signature: No
| | ServerMessages: Yes
| | Password Saving Prohibited: Yes
| | Password Changing: Yes
| |_ Copy File: Yes
| Server Name: thrall
| Machine Type: MacBookPro1,1
| AFP Versions: AFP3.3, AFP3.2, AFP3.1, AFPX03
| UAMs: DHCAST128, DHX2, Recon1, Client Krb v2, No User Authent
| Server Signature: 0x0000000000100080000016CB9A545306
| Network Address 1: 192.168.1.139:548
| Network Address 2: 10.211.55.2:548
| Network Address 3: 10.37.129.2:548
| Network Address 4: 172.16.52.1:548
| Network Address 5: 172.16.201.1:548
| Network Address 6: 192.168.1.139
| Directory Name 1: afpserver/LKDC:SHA1.16D4F43CEBC3AD8C7D805EB9C667484B5A7280B0@LKDC:SHA1.16D4F43CEBC3AD8C7D805EB9C667484B5A7280B0
|_ UTF8 Server Name: thrall
Patrik,

Can you tell me how much of this functionality is covered by your recent changes to the afp library? I would like to add this script but the original patch had some bugs: http://seclists.org/nmap-dev/2010/q1/665.

I noticed in one place you have the comment

-- Netatalk returns the name with 1-byte length prefix,
-- Mac OS has a 2-byte (UTF-8) length prefix

This was one of the questions about the original patch, whether a one-byte length field offset was off by one or whether it was really a two-byte field. You must have solved it in at least one case.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
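The length-prefix question raised in this message, as an added example that is not part of the thread or of nselib/afp.lua: it shows why a two-byte prefix read as one byte looks like an off-by-one offset, and how a bounds check rejects the wrong width. The function names, the big-endian two-byte prefix and the sample bytes (built from the server name "thrall" in the output above) are assumptions made for illustration.

```lua
-- Added example; hypothetical helpers, not taken from nselib/afp.lua.

-- Read a length-prefixed string at 1-based position pos.
-- width is the prefix size in bytes: 1, or 2 (assumed big-endian).
-- Returns the string and the next position, or nil and an error message.
local function read_prefixed(buf, pos, width)
  if pos < 1 or pos + width - 1 > #buf then
    return nil, "length prefix runs past end of buffer"
  end
  local len = 0
  for i = 0, width - 1 do
    len = len * 256 + buf:byte(pos + i)
  end
  local first = pos + width
  local last = first + len - 1
  if last > #buf then
    return nil, ("declared length %d exceeds %d remaining bytes")
      :format(len, #buf - first + 1)
  end
  return buf:sub(first, last), last + 1
end

-- Hypothetical heuristic: a width is plausible only if the field parses
-- in bounds, is non-empty and contains no control characters.
local function plausible_widths(buf, pos)
  local ok = {}
  for _, width in ipairs({1, 2}) do
    local s = read_prefixed(buf, pos, width)
    if s and #s > 0 and not s:find("%c") then
      ok[#ok + 1] = width
    end
  end
  return ok
end

-- Constructed sample fields (not captured traffic).
local two_byte = "\x00\x06thrall"  -- 2-byte prefix, as the comment says of Mac OS
local one_byte = "\x06thrall"      -- 1-byte prefix, as the comment says of Netatalk

-- Misreading the 2-byte field with a 1-byte prefix gives an empty name at
-- the right offset and the full name one byte later: the apparent off-by-one.
print(("%q"):format(read_prefixed(two_byte, 1, 1)))
print(("%q"):format(read_prefixed(two_byte, 2, 1)))
-- Reading the 1-byte field as 2-byte fails the bounds check.
print(read_prefixed(one_byte, 1, 2))
print(table.concat(plausible_widths(two_byte, 1), ","),
      table.concat(plausible_widths(one_byte, 1), ","))
```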