Nmap Development mailing list archives

Char "," and ":" in "Service Version" output makes handling gnmap format very confusing


From: "Mitsuaki (Mitch) Shiraishi" <mshiraishi () secureworks com>
Date: Thu, 20 Sep 2018 11:49:24 +0000

Hello,

Could you please consider removing "," and ":" from the output of -sV as a "Version"?
These characters bring confusion when handling gnmap format.

For example, in nmap-service-probes, you can see the following code at line 8393:

match http m|^HTTP/1\.0 200 OK\r\nServer: http server ([\w._-]+)\r\n.*Content-length: 291\r\n.*if\(location\.hostname\.indexOf\(':'\) == -1\){location\.href='http://'\+location\.hostname\+':'\+8080\+'/';\n}|s p/QNAP HS-210, TS-659, TS-809U, or TS-859U NAS http config/ v/$1/ d/storage-misc/ o/Linux/ cpe:/o:linux:linux_kernel:2.6/


This makes the following output:

Host: 111.222.333.444 () Ports: 80/open/tcp//http//QNAP HS-210, TS-659, TS-809U, or TS-859U NAS http config 1.0/, 139/open/tcp//netbios-ssn//Samba smbd 3.X - 4.X (workgroup: WORKGROUP)/, 445/open/tcp//netbios-ssn//Samba smbd 3.X - 4.X (workgroup: WORKGROUP)///    Ignored State: closed (65526)    Seq Index: 259    IP ID Seq: All zeros


Please see the short example below and you will find it is very confusing because of the "," and ":" placed as a part of "Version":

Host: 111.222.333.444 () Ports: 80/open/tcp//http//a,b,c/, 139/open/tcp//netbios-ssn//Samba(workgroup: WORKGROUP)/, 445/open/tcp//netbios-ssn//Samba(workgroup: WORKGROUP)///    Ignored State: closed (65526)    Seq Index: 259    IP ID Seq: All zeros

I assume most of us expect that:
 * The char ":" as a primary delimiter of Host/Ports/Ignored State...
 * The char "," as a next delimiter of each component of "Ports"
Then we start to split each "port" into {portnum/state/proto/service/version} by using "/" as a delimiter.

Thus, the appearance of "," and/or ":" as a part of "Version" breaks this assumption and brings an unclear mis-handling of the gnmap output for us.

I am aware that this is not an actual bug, but it is very troublesome for a gnmap parser.

Regards,

白石三晃 Mitsuaki (Mitch) Shiraishi | OSCE, OSCP, GCIH, CISSP, CISA
CREST Registered Penetration Tester
Principal Consultant, Technical Testing [ Red Team ]
Secureworks® | Security Is A Beautiful Thing.™

Mail: mshiraishi () secureworks com
Mobile: 080 8060 4173




_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
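
Added example (not part of the original post, and not Nmap project code): a gnmap line parser that does not rely on "," or ":" being absent from the version string. It assumes that fields in a real .gnmap file are separated by TAB characters, that each port entry has seven "/"-terminated fields (the field names below are labels chosen for this example), and that no field contains a literal "/". The sample line is constructed from the short example in the post.

```python
import re

# Constructed sample: the short example from the post, with TAB field
# separators (assumed here; the archived mail shows runs of spaces).
SAMPLE = (
    "Host: 111.222.333.444 ()\t"
    "Ports: 80/open/tcp//http//a,b,c/, "
    "139/open/tcp//netbios-ssn//Samba(workgroup: WORKGROUP)/, "
    "445/open/tcp//netbios-ssn//Samba(workgroup: WORKGROUP)///\t"
    "Ignored State: closed (65526)\tSeq Index: 259\tIP ID Seq: All zeros"
)

# Labels for the seven per-port fields (names are this example's choice).
PORT_KEYS = ("port", "state", "proto", "owner", "service", "rpcinfo", "version")

# One port entry = seven "/"-terminated fields. No field may contain "/",
# so "," and ":" inside the version are captured rather than split on.
PORT_RE = re.compile(r"(?:^|, )(\d+)/" + r"([^/]*)/" * 6)


def parse_gnmap_line(line):
    """Return {label: value} with 'Ports' expanded to a list of dicts."""
    fields = {}
    for chunk in line.rstrip("\n").split("\t"):
        # Split on the first ": " only; later colons belong to the value.
        label, sep, value = chunk.partition(": ")
        if sep:
            fields[label] = value
    ports = fields.get("Ports", "")
    fields["Ports"] = [dict(zip(PORT_KEYS, m.groups()))
                       for m in PORT_RE.finditer(ports)]
    return fields


def naive_port_count(line):
    """The split-on-"," approach described in the post, for comparison."""
    ports = line.split("Ports: ", 1)[1].split("\t", 1)[0]
    return len(ports.split(","))


if __name__ == "__main__":
    parsed = parse_gnmap_line(SAMPLE)
    for p in parsed["Ports"]:
        print(p["port"], p["state"], p["service"], repr(p["version"]))
    print("naive split yields", naive_port_count(SAMPLE), "pieces")
```
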
