Nmap Development mailing list archives
Re: [NSE] isakmp aggressive mode and version detection
From: Jesper Kückelhahn <dev.kyckel () gmail com>
Date: Mon, 21 Jan 2013 19:16:18 +0100
Hi David,

Thanks for testing. I'm sorry that I didn't include instructions for the script and files. I've tried to follow the convention currently used for file locations, which means that the script assumes that the files 'ike.lua' and 'ike-fingerprints.lua' are placed in 'nmap/nselib/' and 'nmap/nselib/data/', respectively. I think the error you are seeing is a consequence of 'ike-fingerprints.lua' not being found and loaded correctly.

In my testing I've used the following syntax:

# nmap --script=ike-version -p500 -sUV --version-intensity=0 -dd TARGET

The script uses the same port as an isakmp service is listening on (UDP port 500) for socket:bind, so running an isakmp service on localhost could be causing some issues? This can be changed in line 332 in 'ike.lua'.

Does this help?

- Jesper

On Jan 21, 2013, at 7:39 AM, David Fifield <david () bamsoftware com> wrote:
> On Sat, Jan 19, 2013 at 04:20:15PM +0100, Jesper Kückelhahn wrote:
>> I've debugged and enhanced this script, so it should be more robust and have better version detection on some systems.
>
> I'm getting this error against a dummy Ncat listener:
>
> $ sudo ncat -l --udp 500 -k --sh-exec "cat > /dev/null"
> $ sudo ./nmap -p 500 -sU localhost --script=ike-version -d
> NSE: ike-version against 127.0.0.1:500 threw an error!
> /home/david/nmap-git/nselib/ike.lua:183: bad argument #1 to 'pairs' (table expected, got nil)
> stack traceback:
>         [C]: in function 'pairs'
>         /home/david/nmap-git/nselib/ike.lua:183: in function 'lookup'
>         /home/david/nmap-git/nselib/ike.lua:310: in function </home/david/nmap-git/nselib/ike.lua:290>
>         (...tail calls...)
>         scripts/ike-version.nse:58: in function 'get_version'
>         scripts/ike-version.nse:100: in function <scripts/ike-version.nse:99>
>         (...tail calls...)
>
> I seem to get the same error when I try to install an IKE listener to test against. I tried the Debian packages strongswan-ikev1 (pluto) and strongswan-ikev2 (charon), and netstat says they are listening on port 500, but I get the same error as above. What do you recommend testing against?
>
> David Fifield
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
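The traceback David reports ("bad argument #1 to 'pairs' (table expected, got nil)" inside 'lookup') is the classic symptom of an NSE library iterating over a data table that was never loaded, which is exactly the cause Jesper suspects: 'ike-fingerprints.lua' not being found under nselib/data. The following Lua is an added example, not the ike.lua from this thread, showing how a library can locate the data file with nmap.fetchfile(), load it once, and make its lookup return nil plus a reason instead of dying when the file is missing or malformed. It assumes a current NSE API (nmap.fetchfile, stdnse.module, stdnse.debug1), assumes the data file ends with a `return` of a table of fingerprints, and the entry fields (vid, vendor, version) and the module name ike_example are constructed for the illustration.

```lua
-- Added example, not the ike.lua discussed in the thread.
-- Defensive loading of a fingerprint data file from nselib/data and a
-- lookup that fails soft when the file is absent, instead of letting
-- pairs() raise on a nil table and abort the whole script.
local nmap = require "nmap"
local stdnse = require "stdnse"

local _ENV = stdnse.module("ike_example", stdnse.seeall)

-- Path relative to the Nmap data directory, as the thread describes.
local FINGERPRINT_FILE = "nselib/data/ike-fingerprints.lua"

-- Cache: nil until the file has been loaded successfully.
local fingerprints = nil

-- Returns the fingerprint table, or nil and a human-readable reason.
-- Assumes the data file is a Lua chunk that returns a table such as
--   { { vid = "<hex vendor-id hash>", vendor = "...", version = "..." }, ... }
-- (constructed shape; the real file's layout may differ).
local function load_fingerprints()
  if fingerprints then
    return fingerprints
  end

  -- nmap.fetchfile searches the standard data locations and returns the
  -- absolute path, or nil when the file cannot be found anywhere.
  local path = nmap.fetchfile(FINGERPRINT_FILE)
  if not path then
    return nil, "data file not found: " .. FINGERPRINT_FILE
  end

  -- Compile as text only ("t"): a data file must never be bytecode.
  local chunk, err = loadfile(path, "t")
  if not chunk then
    return nil, "cannot load " .. path .. ": " .. tostring(err)
  end

  -- Run the chunk under pcall so a runtime error in the data file is
  -- reported rather than propagated as a script crash.
  local ok, result = pcall(chunk)
  if not ok then
    return nil, "error while running " .. path .. ": " .. tostring(result)
  end
  if type(result) ~= "table" then
    return nil, path .. " did not return a table (got " .. type(result) .. ")"
  end

  fingerprints = result
  return fingerprints
end

-- Looks up a vendor-ID hash. Returns the matching fingerprint entry, or
-- nil and a reason. pairs() is only ever called on a verified table.
function lookup(vid_hash)
  local fps, err = load_fingerprints()
  if not fps then
    stdnse.debug1("ike fingerprint lookup unavailable: %s", err)
    return nil, err
  end

  for _, fp in pairs(fps) do
    if type(fp) == "table" and fp.vid == vid_hash then
      return fp
    end
  end
  return nil, "no fingerprint matched vendor ID " .. tostring(vid_hash)
end

return _ENV
```

With this guard in place, a missing or misplaced data file shows up as a single debug line and an "unknown" result for the host, which is far easier to diagnose than a traceback from deep inside the library. It does not address the separate point Jesper raises about socket:bind on UDP port 500 colliding with a local isakmp listener; that conflict has to be resolved by choosing a different local port for the bind.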