Nmap Development mailing list archives
Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sun, 27 Nov 2011 23:35:52 +0200
I think the vendor id from vuze-dht-info should be added to the corresponding version detection field. "product", I think it was called. By looking at the code I get the picture that vuze-find-nodes attempts to extract information about any connected nodes by trying out random IDs. The bittorrent library does not work like this. Instead it lets the user provide an ID as a magnet link or torrent file and uses the ID to query the DHT. So the bittorrent library lacks support for extracting node information by brute force, where as this script doesn't support scans on specific IDs. I'll leave it up for discussion which one we need, or if we should have both. I am a bit worried that supporting one way for bittorrent dht, and another way for vuze dht may confuse users. On Sun, Nov 27, 2011 at 10:12 PM, Patrik Karlsson <patrik () cqure net> wrote:
Hi all, Here are two more scripts from the secwiki script ideas page: vuze-dht-info - retrieves a bunch of info (including protocol version) from a remot vuze node vuze-find-nodes - queries a remote node for a list of other nodes (ip port) I'm also attaching the main library used by both scripts and the probe and match line for nmap-service-probes. What makes Vuze DHT kind of akward is the fact that there's no default port. The documentation [1] recommends a (kind of broad) range to use, but I found loads of nodes that are on not within that range. Therefore I've found it kind of difficult to create a good portrule for the scripts and port range for the probe. I would appreciate some feedback here, berfore I commit. Thanks, Patrik [1] http://wiki.vuze.com/w/Select_port_for_Vuze -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New scripts vuze-dht-info, vuze-find-nodes Patrik Karlsson (Nov 27)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Toni Ruottu (Nov 27)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Patrik Karlsson (Nov 28)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Toni Ruottu (Nov 28)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Patrik Karlsson (Nov 28)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Gorjan Petrovski (Nov 29)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Patrik Karlsson (Nov 29)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Patrik Karlsson (Nov 28)
- Re: [NSE] New scripts vuze-dht-info, vuze-find-nodes Toni Ruottu (Nov 27)