Nmap Development mailing list archives
Re: [NSE] specify source port
From: Ferdy Riphagen <f.riphagen () nsec nl>
Date: Wed, 30 May 2007 19:48:32 +0200
Eddie Bell wrote:
Hi Ferdy, unfortunately this is not currently possible because the connect() syscall, which NSE uses, does not support custom source ports.
Thanks for clearing that up. I couldn't find any info in nse_nsock.* either. I wanted to use it for the attached script. It's just a do-and-learn test to get familiar with NSE/Lua. At least some Ciscos require sport 5060 or 5061 (the two I know).

--Ferdy--
-- Nmap NSE script to detect a SIP server running on port 5060.
-- Feel free to report any coding issues.

id="SIP server/agent detection"
description="Try to detect a SIP server/agent it's response by sending an incomplete \
OPTIONS message. It will probably respond with a '404 Not Found' error."
author = "Ferdy Riphagen <f.riphagen () nsec nl>"
license = "See nmap's COPYING for license"
categories = {"safe", "discovery"}

-- Run against port 5060 (service "sip") on UDP or TCP when the port is
-- reported as open or open|filtered. Each alternative is compared
-- explicitly: a bare `or "tcp"` is always true in Lua.
portrule = function(host, port)
  if port.number == 5060
    and port.service == "sip"
    and (port.protocol == "udp" or port.protocol == "tcp")
    and (port.state == "open|filtered" or port.state == "open")
  then
    return true
  else
    return false
  end
end

action = function(host, port)
  local soc, conn, r, res, status, ver, lines

  soc = nmap.new_socket()
  soc:set_timeout(10000)
  conn = soc:connect(host.ip, port.number, port.protocol)

  if (conn) then
    -- Incomplete OPTIONS request. The Via transport token is upper case and
    -- separated from the sent-by address by a space.
    r = "OPTIONS sip:" .. host.ip .. " SIP/2.0\r\n"
    r = r .. "Via: SIP/2.0/" .. string.upper(port.protocol) .. " 127.0.0.1:" .. port.number .. "\r\n"
    r = r .. "To: <sip:" .. host.ip .. ":" .. port.number .. ">\r\n"
    r = r .. "From: <sip:127.0.0.1:" .. port.number .. ">\r\n"
    r = r .. "Contact: nmap <sip:127.0.0.1:" .. port.number .. ">\r\n"
    r = r .. "Call-ID: 1234\r\n"
    r = r .. "Cseq: 1 OPTIONS\r\n"
    r = r .. "Content-Length: 0\r\n\r\n"
    soc:send(r)

    -- Accumulate the response across reads; initialise the buffer once,
    -- outside the loop, so earlier data is not discarded.
    res = ""
    while true do
      status, lines = soc:receive()
      if not status then break end
      res = res .. lines
      if (string.find(res, "User.-Agent:")) then
        ver = string.match(res, "User.-Agent: (.-)\r\n")
      elseif (string.find(res, "Server:")) then
        ver = string.match(res, "Server: (.-)\r\n")
      end
    end
    soc:close()
  end

  if (ver) then
    -- The concatenation keeps only gsub's first return value (the string).
    return "" .. string.gsub(ver, "\n", "")
  end
end
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
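Added example, not part of the original post and not Nmap or NSE code: at the plain socket level the source port is fixed by calling bind() before connect(), shown here in Python with the same OPTIONS probe and User-Agent/Server extraction as the script above. The function names, the `Example-UA/1.0` banner and the loopback responder (a constructed stand-in for a device that only answers one source port) are assumptions made for the demonstration.

```python
import socket
import threading

def build_options(target, dport, sport, local):
    return (f"OPTIONS sip:{target} SIP/2.0\r\n"
            f"Via: SIP/2.0/UDP {local}:{sport}\r\n"
            f"To: <sip:{target}:{dport}>\r\nFrom: <sip:{local}:{sport}>\r\n"
            "Call-ID: 1234\r\nCSeq: 1 OPTIONS\r\nContent-Length: 0\r\n\r\n").encode()

def parse_agent(response):
    # Header names are case-insensitive; stop at the blank line ending the headers.
    for line in response.decode("latin-1").split("\r\n")[1:]:
        if not line:
            break
        name, _, value = line.partition(":")
        if name.strip().lower() in ("user-agent", "server"):
            return value.strip()
    return None

def probe(target, dport, sport, local="127.0.0.1", timeout=1.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.bind((local, sport))        # fix the source port first (0 = OS picks one)
        s.connect((target, dport))    # connect() only sets the peer
        s.send(build_options(target, dport, s.getsockname()[1], local))
        try:
            return parse_agent(s.recv(4096))
        except OSError:               # timeout or ICMP port unreachable
            return None

def picky_responder(sock, required_sport, count):
    # Constructed stand-in for a device that ignores other source ports.
    for _ in range(count):
        _, peer = sock.recvfrom(4096)
        if peer[1] == required_sport:
            sock.sendto(b"SIP/2.0 404 Not Found\r\nserver: Example-UA/1.0\r\n\r\n", peer)

def demo():
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    spare = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    spare.bind(("127.0.0.1", 0))      # reserves a port number the OS cannot hand out
    dport, sport = srv.getsockname()[1], spare.getsockname()[1]
    threading.Thread(target=picky_responder, args=(srv, sport, 2), daemon=True).start()
    ignored = probe("127.0.0.1", dport, 0)       # OS-chosen source port: no reply
    spare.close()
    answered = probe("127.0.0.1", dport, sport)  # required source port: reply parsed
    srv.close()
    return ignored, answered
```

Calling `demo()` runs both probes against the loopback responder and returns the pair of results; the first probe waits for its one-second timeout.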