Nmap Development mailing list archives
some ssl version scanning not working
From: Matt Selsky <selsky () columbia edu>
Date: Fri, 31 Dec 2010 03:14:13 -0500
I'm having trouble scanning some SSL services (Oracle Enterprise Manager agents in this case) that used to work. I'm running svn trunk...

$ ./nmap --datadir . -sV -p3872 -d angelica

Starting Nmap 5.36TEST3 ( http://nmap.org ) at 2010-12-31 02:58 EST
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 8 scripts for scanning.
Initiating Ping Scan at 02:58
Scanning angelica (10.59.213.70) [2 ports]
Completed Ping Scan at 02:58, 0.00s elapsed (1 total hosts)
Overall sending rates: 2980.63 packets / s.
mass_rdns: Using DNS server 10.59.59.70
mass_rdns: Using DNS server 10.59.62.10
Initiating Parallel DNS resolution of 1 host. at 02:58
mass_rdns: 0.01s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 02:58, 0.01s elapsed
DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 02:58
Scanning angelica (10.59.213.70) [1 port]
Discovered open port 3872/tcp on 128.59.213.70
Completed Connect Scan at 02:58, 0.00s elapsed (1 total ports)
Overall sending rates: 1396.65 packets / s.
Initiating Service scan at 02:58
Scanning 1 service on angelica (10.59.213.70)
Got nsock CONNECT response with status ERROR - aborting this service
Completed Service scan at 02:58, 6.01s elapsed (1 service on 1 host)
Starting RPC scan against angelica (10.59.213.70)
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 02:58
NSE: Script scanning 10.59.213.70.
NSE: Starting skypev2-version against 10.59.213.70:3872.
NSE: Finished skypev2-version against 10.59.213.70:3872.
Completed NSE at 02:58, 0.00s elapsed
Nmap scan report for angelica (128.59.213.70)
Host is up, received conn-refused (0.00060s latency).
rDNS record for 10.59.213.70: angelica
Scanned at 2010-12-31 02:58:53 EST for 6s
PORT     STATE SERVICE     REASON  VERSION
3872/tcp open  ssl/unknown syn-ack
Final times for host: srtt: 602 rttvar: 2835 to: 100000

Read from .: nmap-payloads nmap-rpc nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.11 seconds

Expected output is more like:

PORT     STATE SERVICE       VERSION
3872/tcp open  ssl/oem-agent Oracle Enterprise Manager Agent httpd 10.2.0.5.0

I'm not sure when it stopped working. Manual testing shows that the service prints the same information as before:

$ echo -e 'GET / HTTP/1.0\r\n\r\n' | openssl s_client -connect angelica:3872 -ssl3

HTTP/1.1 400 Bad Request
Connection: Close
X-ORCL-EMSV: 10.2.0.5.0
X-ORCL-EMCT: 2010-12-31 03:09:13.089 US/Eastern
X-ORCL-EMRS: KEY_MISMATCH ERRCODE: 5
Content-Type: text/html; charset=UTF-8
Content-Length: 107

<EMDResponse>
<EMDError ERRCODE="5" ERRMSG="Key mismatch while communicating with Agent"/>
</EMDResponse>

What should I be looking at to fix this? Nsock?

Thanks,
--
Matt

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
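An added example, not part of the original message and not Nmap code: a small triage script that reads `-d` output like the run above and a manually captured response, and reports whether version detection stopped on a connect error or simply found no match. The stage labels, function names and the reading of "connect error plus `ssl/unknown`" as a connection-stage failure are assumptions made for illustration; the sample inputs are constructed from lines quoted in the message.

```python
import re

# Constructed samples: lines taken from the debug run and the openssl
# s_client response quoted in the message (response body shortened).
NMAP_DEBUG = """\
Initiating Service scan at 02:58
Scanning 1 service on angelica (10.59.213.70)
Got nsock CONNECT response with status ERROR - aborting this service
Completed Service scan at 02:58, 6.01s elapsed (1 service on 1 host)
PORT     STATE SERVICE     REASON  VERSION
3872/tcp open  ssl/unknown syn-ack
"""
BANNER = ("HTTP/1.1 400 Bad Request\r\nConnection: Close\r\n"
          "X-ORCL-EMSV: 10.2.0.5.0\r\n"
          "X-ORCL-EMRS: KEY_MISMATCH ERRCODE: 5\r\n"
          "Content-Type: text/html; charset=UTF-8\r\n\r\n"
          "<EMDResponse></EMDResponse>\r\n")

CONNECT_ERR = re.compile(r"Got nsock CONNECT response with status (\w+)")
# Port table row as printed with -d (includes the REASON column).
PORT_ROW = re.compile(r"(\d+/(?:tcp|udp))\s+open\s+(\S+)\s+\S+\s*(.*)")

def triage(debug_log):
    """Map each open port to the stage where version detection stopped."""
    connect_errors = CONNECT_ERR.findall(debug_log)
    findings = {}
    for line in debug_log.splitlines():
        row = PORT_ROW.match(line)
        if not row:
            continue
        port, service, version = row.groups()
        tunnel, _, name = service.rpartition("/")
        if version.strip():
            stage = "matched"
        elif tunnel == "ssl" and name == "unknown" and connect_errors:
            # SSL was recognised, but a later connect was aborted.
            stage = "ssl-connect-error"
        else:
            stage = "no-match"
        findings[port] = stage
    return findings

def oem_agent_version(response):
    """Return the X-ORCL-EMSV header value from a raw response, or None."""
    head = response.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "x-orcl-emsv":
            return value.strip()
    return None

if __name__ == "__main__":
    print(triage(NMAP_DEBUG), oem_agent_version(BANNER))
```

A port reported as `ssl-connect-error` while the manual response still yields a version points at the connection stage rather than at the match patterns in nmap-service-probes.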