Nmap Development mailing list archives
[NSE] http-cisco-anyconnect fires on all SSL ports
From: nnposter () users sourceforge net
Date: Tue, 24 Feb 2015 1:36:21 -0700
The port rule for http-cisco-anyconnect is causing the script to run against all SSL ports, which seems excessive. As an example, it is loudly erroring out on FTPS servers. Review of the supporting library, anyconnect.lua, shows that the relevant handshake communication is based on HTTP. Moreover, the official Cisco AnyConnect documentation states that the only TCP ports used are 80 and 443. http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/anyconnectadmin31/ac10adminreqs.html#99554 Following the same argument, it does not seem necessary for the port rule to use sslcert.isPortSupported() because this function will return nil for HTTP ports. Please let me know if I am missing anything. Otherwise please consider the attached patch. Cheers, nnposter P.S. https://github.com/nmap/nmap/issues/62
Attachment:
http-cisco-anyconnect.patch
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] http-cisco-anyconnect fires on all SSL ports nnposter (Feb 23)