Nmap Development mailing list archives
Re: new script: openlookup-info
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sat, 28 May 2011 17:44:49 +0300
OpenLookup was developed as a drop-in replacement for now discontinued OpenDHT. I assume that many projects that were using OpenDHT as a discovery service moved to OpenLookup. I do not have a good picture about how many private instances there are. If we knew how many projects were using OpenDHT we might get some idea about this. My pessimistic guess would be not too many, but for all I know there could be lots. An OpenLookup server can be configured to synchronize their contents with an other OpenLookup server. This is done by connecting to the sync service on one server, and exchanging contents over that connection. In addition to the sync service OpenLookup nodes provide an another http-based interface for clients. This interface provides more detailed information about the node, and is accessible with a web browser. A public OpenLookup "network" is hosted at any.openlookup.net and lookup.infrahip.net There are two domain names to make sure one operator can not take over the network. This network has a few actual nodes, and I am personally running, a few extra nodes for testing purposes. My nodes are not returned as an answer to a DNS lookup, but I have connected them to the network as an exercise. My script works by connecting to the sync service and retrieving the first NSON message, which contains information about the node. I think the script would be particularly useful in cases where a firewall would block access to the http interface. I am also interested in writing a script that would crawl an OpenLookup network by requesting connection tables through the http interface. In such cases openlookup-info would be particularly useful as it could provide some details for the nodes that have their http interface blocked by firewall rules. I did earlier some experiments with scripts, that would gather information through the http interface and crawl through networked nodes. Before proceeding with them I'd want to get a better picture of how the http scanning framework is going to develop. I think there is going to be a problem with running tons of scripts against each http server. We might need some generic way of identifying service that are running on an http server. For crawling we need some support for adding address/port combinations to scan targets, but that is another story. --Toni On Sat, May 28, 2011 at 7:57 AM, David Fifield <david () bamsoftware com> wrote:
On Sun, May 22, 2011 at 05:07:39PM +0300, Toni Ruottu wrote:hello I wrote an nse script that connects to the sync port of OpenLookup discovery service, and extracts information from the handshake. You can try out the script as follows. nmap -p 5850 --script openlookup-info any.openlookup.net lookup.infrahip.net javascript0.orgCan you give us some more information about what this protocol does and how common it is? David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- new script: openlookup-info Toni Ruottu (May 22)
- Re: new script: openlookup-info David Fifield (May 27)
- Re: new script: openlookup-info Toni Ruottu (May 28)
- Re: new script: openlookup-info David Fifield (May 27)