Nmap Development mailing list archives

Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows

From: Kent Fritz <kfritz () wolfman devio us>
Date: Tue, 22 Apr 2014 11:58:18 -0400

On Tue, Apr 22, 2014 at 06:39:20AM -0500, Daniel Miller wrote:


You can increase the number of ports that will successfully pass the
portrule (as well as possibly rule some out) by using the service version
detection scan, -sV.


This does not work for (at least) Nginx and Apache running SSL on non-standard
ports.  The -sV detects it as HTTP and does not run the ssl-heartbleed script.
You have to specify --script +ssl-heartbleed specifically on these ports.

(Please let me know if I'm doing something wrong.)

Thanks,

Kent.
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

heartbleed script only seems to work on known SSL ports in 6.46 for windows Gamache, Mark (Apr 21)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Daniel Miller (Apr 22)
  - Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Kent Fritz (Apr 22)
    - Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Patrik Karlsson (Apr 22)
    - Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Kent Fritz (Apr 22)
    - Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Patrik Karlsson (Apr 22)
    - Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Matias N. Sliafertas (Apr 23)
    - Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Patrik Karlsson (Apr 23)
    - Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Kent Fritz (Apr 23)
    - RE: heartbleed script only seems to work on known SSL ports in 6.46 for windows Gamache, Mark (Apr 23)