Nmap Development mailing list archives

some ssl version scanning not working


From: Matt Selsky <selsky () columbia edu>
Date: Fri, 31 Dec 2010 03:14:13 -0500

I'm having trouble scanning some SSL services (Oracle Enterprise Manager
agents in this case) that used to work.  I'm running svn trunk...

$ ./nmap --datadir . -sV -p3872 -d angelica

Starting Nmap 5.36TEST3 ( http://nmap.org ) at 2010-12-31 02:58 EST
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 8 scripts for scanning.
Initiating Ping Scan at 02:58
Scanning angelica (10.59.213.70) [2 ports]
Completed Ping Scan at 02:58, 0.00s elapsed (1 total hosts)
Overall sending rates: 2980.63 packets / s.
mass_rdns: Using DNS server 10.59.59.70
mass_rdns: Using DNS server 10.59.62.10
Initiating Parallel DNS resolution of 1 host. at 02:58
mass_rdns: 0.01s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 02:58, 0.01s elapsed
DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 2, OK: 1, NX: 0, DR:
0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 02:58
Scanning angelica (10.59.213.70) [1 port]
Discovered open port 3872/tcp on 128.59.213.70
Completed Connect Scan at 02:58, 0.00s elapsed (1 total ports)
Overall sending rates: 1396.65 packets / s.
Initiating Service scan at 02:58
Scanning 1 service on angelica (10.59.213.70)
Got nsock CONNECT response with status ERROR - aborting this service
Completed Service scan at 02:58, 6.01s elapsed (1 service on 1 host)
Starting RPC scan against angelica (10.59.213.70)
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 02:58
NSE: Script scanning 10.59.213.70.
NSE: Starting skypev2-version against 10.59.213.70:3872.
NSE: Finished skypev2-version against 10.59.213.70:3872.
Completed NSE at 02:58, 0.00s elapsed
Nmap scan report for angelica (128.59.213.70)
Host is up, received conn-refused (0.00060s latency).
rDNS record for 10.59.213.70: angelica
Scanned at 2010-12-31 02:58:53 EST for 6s
PORT     STATE SERVICE     REASON  VERSION
3872/tcp open  ssl/unknown syn-ack
Final times for host: srtt: 602 rttvar: 2835  to: 100000

Read from .: nmap-payloads nmap-rpc nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.11 seconds


Expected output is more like:

PORT     STATE  SERVICE       VERSION
3872/tcp open   ssl/oem-agent Oracle Enterprise Manager Agent httpd 10.2.0.5.0

I'm not sure when it stopped working.

Manual testing shows that the service prints the same information as
before:

$ echo -e 'GET / HTTP/1.0\r\n\r\n' | openssl s_client -connect angelica:3872 -ssl3
HTTP/1.1 400 Bad Request
Connection: Close
X-ORCL-EMSV: 10.2.0.5.0
X-ORCL-EMCT: 2010-12-31 03:09:13.089 US/Eastern
X-ORCL-EMRS: KEY_MISMATCH
ERRCODE: 5
Content-Type: text/html; charset=UTF-8
Content-Length: 107

<EMDResponse>
        <EMDError ERRCODE="5" ERRMSG="Key mismatch while communicating with Agent"/>
</EMDResponse>


What should I be looking at to fix this?  Nsock?

Thanks,


-- 
Matt

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
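The manual openssl check from the post, redone in Python as an added example (not code from the post or from Nmap): it sends the same GET over TLS and then parses the reply the way a version match would, keying on the X-ORCL-EMSV header. The port, the sample reply and the "Oracle Enterprise Manager Agent httpd" label are taken from the post; the probe() helper and its parameters are assumptions, and a current OpenSSL will not negotiate the SSLv3 that the agent in the post required, so probe() may fail against such an agent while the parser still works on captured data.

```python
import re
import socket
import ssl

# Constructed sample input: the reply shown in the post, re-typed as bytes
# (a tab indents the EMDError line, which makes the body 107 bytes as advertised).
SAMPLE_RESPONSE = (
    b"HTTP/1.1 400 Bad Request\r\n"
    b"Connection: Close\r\n"
    b"X-ORCL-EMSV: 10.2.0.5.0\r\n"
    b"X-ORCL-EMCT: 2010-12-31 03:09:13.089 US/Eastern\r\n"
    b"X-ORCL-EMRS: KEY_MISMATCH\r\n"
    b"ERRCODE: 5\r\n"
    b"Content-Type: text/html; charset=UTF-8\r\n"
    b"Content-Length: 107\r\n"
    b"\r\n"
    b"<EMDResponse>\n"
    b'\t<EMDError ERRCODE="5" ERRMSG="Key mismatch while communicating with Agent"/>\n'
    b"</EMDResponse>\n"
)

# Version header the agent emits even on a 400; \s*$ tolerates the trailing \r.
EMSV_RE = re.compile(rb"^X-ORCL-EMSV:\s*([\d.]+)\s*$", re.MULTILINE)


def parse_oem_agent(response: bytes):
    """Return (service, product, version) like an nmap -sV line, or None if
    the banner is not an HTTP reply carrying the OEM agent version header."""
    head, _, _ = response.partition(b"\r\n\r\n")
    if not head.startswith(b"HTTP/1."):
        return None
    match = EMSV_RE.search(head)
    if match is None:
        return None
    return ("oem-agent", "Oracle Enterprise Manager Agent httpd", match.group(1).decode())


def probe(host: str, port: int = 3872, timeout: float = 5.0):
    """Send the same GET over TLS as the openssl s_client test and parse the reply.
    Verification is disabled because we are fingerprinting a banner, not trusting the peer."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(b"GET / HTTP/1.0\r\n\r\n")
            chunks = []
            while True:
                data = tls.recv(4096)
                if not data:
                    break
                chunks.append(data)
    return parse_oem_agent(b"".join(chunks))
```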