Nmap Development mailing list archives
Re: [NSE] tls-nextprotoneg
From: Hani Benhabiles <kroosec () gmail com>
Date: Sat, 07 Jul 2012 01:38:09 +0100
On 07/06/2012 11:38 AM, Toni Ruottu wrote:
Beautiful! Did you have to implement a full tls library to do this? On Fri, Jul 6, 2012 at 12:21 PM, Hani Benhabiles<kroosec () gmail com> wrote:Hi list, description = [[ Enumerates a TLS server's supported protocols by using the next protocol negotiation extension. This works by adding the next protocol negotiation extension in the client hello packet and looking for the presence of certain protocols in the server hello's NPN extension data. For more information , see: *https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-03 ]] --- -- @usage -- nmap --script=tls-nextprotoneg <targets> -- --@output -- 443/tcp open https -- | tls-nextprotoneg: -- | spdy/3 -- | spdy/2 -- |_ http/1.1 Tests and feedback are welcome. Cheers, Hani. -- Hani Benhabiles Twitter:https://twitter.com/#!/kroosec Blog:http://kroosec.blogspot.com _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived athttp://seclists.org/nmap-dev/
No, I didn't have to implement one, as all the info we need is in the server hello, the first packet sent by the server in reply to the client hello (to which we add the next protocol negotiation extension).
On 07/06/2012 11:47 AM, Toni Ruottu wrote:
Yes I belive so. I was hesitant about adding this to the default category until I see what someone else has to say about it.I think this should go into default. Did you have a specific reason for not putting it into default? Does anyone else have an opinion about this?
Cheers, Hani. -- Hani Benhabiles Twitter:https://twitter.com/#!/kroosec Blog:http://kroosec.blogspot.com _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] tls-nextprotoneg Hani Benhabiles (Jul 06)
- Re: [NSE] tls-nextprotoneg Toni Ruottu (Jul 06)
- Re: [NSE] tls-nextprotoneg Toni Ruottu (Jul 06)
- Re: [NSE] tls-nextprotoneg Hani Benhabiles (Jul 06)
- Re: [NSE] tls-nextprotoneg Henri Doreau (Jul 07)
- Re: [NSE] tls-nextprotoneg Hani Benhabiles (Jul 07)
- Re: [NSE] tls-nextprotoneg Henri Doreau (Jul 07)
- Re: [NSE] tls-nextprotoneg Hani Benhabiles (Jul 07)
- Re: [NSE] tls-nextprotoneg Toni Ruottu (Jul 07)
- Re: [NSE] tls-nextprotoneg Toni Ruottu (Jul 08)
- Re: [NSE] tls-nextprotoneg Hani Benhabiles (Jul 08)
- Re: [NSE] tls-nextprotoneg Toni Ruottu (Jul 08)
- Re: [NSE] tls-nextprotoneg Hani Benhabiles (Jul 08)
- Re: [NSE] tls-nextprotoneg Hani Benhabiles (Jul 07)
- Re: [NSE] tls-nextprotoneg Toni Ruottu (Jul 06)