Nmap Development mailing list archives
Re: "version" scripts running after successful version detection
From: David Fifield <david () bamsoftware com>
Date: Tue, 17 Jul 2012 04:57:23 -0700
On Mon, Jul 16, 2012 at 10:37:22PM -0500, Daniel Miller wrote:
On Mon, Jul 16, 2012 at 10:20 PM, Paulino Calderon <paulino () calderonpale com> wrote:What fix do you guys suggest? I added it to the "version" category because it provided additional firmware and software version information. A possible solution is to remove it from that category until we find a better approach for version scripts of "known" services.Is there a version or set of versions for the web server itself? Without this script, what does service version detection show? We could modify the portrule to first check if version information exists. If not, then behavior is the same as shortport.http. If so, then only run if the version info matches one of the expected values.
This sounds pretty reasonable to me. The only wrinkle is that http-huawei is not *only* a "version" script. People may want to run it independently of whether version detection is also done. Although now that I think about it, if version detection doesn't find something expected, there's not much point in running the script for any other purpose--the only worry is the version signature being changed without the script knowing about it. Is there a way for a script to know when it is running as part of the service detection phase and not the ordinary script scan phase? It could then disable itself (or NSE could disable it) only in that case. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- "version" scripts running after successful version detection David Fifield (Jul 16)
- Re: "version" scripts running after successful version detection Toni Ruottu (Jul 16)
- <Possible follow-ups>
- Re: "version" scripts running after successful version detection Paulino Calderon (Jul 16)
- Re: "version" scripts running after successful version detection Daniel Miller (Jul 16)
- Re: "version" scripts running after successful version detection David Fifield (Jul 17)
- Re: "version" scripts running after successful version detection Daniel Miller (Jul 16)
- Re: "version" scripts running after successful version detection Paulino Calderon (Jul 16)