Nmap Development mailing list archives

Re: [PATCH] Always list SSL in case any SSL connection succeeded


From: Kristof Boeynaems <kristof.boeynaems () gmail com>
Date: Sun, 22 Feb 2009 08:39:41 +0100

Kristof Boeynaems wrote:
> Hi All,
>
> A quick patch for the 'bug' described in http://seclists.org/nmap-dev/2009/q1/0484.html.


I was a bit too quick in submitting the above patch. It will not print out any new fingerprint in the SSL case.

Attached an improved patch that fixes that issue.

Cheers,

Kristof

diff -urNb nmap-4.85BETA3/service_scan.cc nmap-4.85BETA3_always_print_ssl/service_scan.cc
--- nmap-4.85BETA3/service_scan.cc      2008-12-04 18:04:48.000000000 +0100
+++ nmap-4.85BETA3_always_print_ssl/service_scan.cc     2009-02-22 08:38:17.000000000 +0100
@@ -2310,6 +2310,22 @@
                                          *(*svc)->devicetype_matched? (*svc)->devicetype_matched : NULL, 
                                          shouldWePrintFingerprint(*svc) ? (*svc)->getServiceFingerprint(NULL) : NULL);
    }  else {
+     if ((*svc)->tunnel != SERVICE_TUNNEL_NONE){
+        /* Always print SSL tunnel, if we detected such a tunnel */
+        assert((*svc)->tunnel == SERVICE_TUNNEL_SSL);
+
+        (*svc)->port->setServiceProbeResults((*svc)->probe_state,
+                                          (*svc)->probe_matched,
+                                          (*svc)->tunnel,
+                                          *(*svc)->product_matched? (*svc)->product_matched : NULL,
+                                          *(*svc)->version_matched? (*svc)->version_matched : NULL,
+                                          *(*svc)->extrainfo_matched? (*svc)->extrainfo_matched : NULL,
+                                          *(*svc)->hostname_matched? (*svc)->hostname_matched : NULL,
+                                          *(*svc)->ostype_matched? (*svc)->ostype_matched : NULL,
+                                          *(*svc)->devicetype_matched? (*svc)->devicetype_matched : NULL,
+                                          shouldWePrintFingerprint(*svc) ? (*svc)->getServiceFingerprint(NULL) : NULL);
+     }
+     /* Print new fingerprint if found */
      if ((*svc)->getServiceFingerprint(NULL))
        (*svc)->port->setServiceProbeResults((*svc)->probe_state, NULL,
                                            (*svc)->tunnel, NULL, NULL, NULL, NULL, NULL, NULL,
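
Review bot: the new block guarded by (*svc)->tunnel != SERVICE_TUNNEL_NONE and the existing "if ((*svc)->getServiceFingerprint(NULL))" directly after it are not mutually exclusive, so when a tunnel was detected and a fingerprint exists, setServiceProbeResults() is called twice on the same port, the second time with NULL for the matched probe and every product/version field. Whether the second call preserves or resets what the first one stored is not visible in this hunk; either make the fingerprint case an "else if" or skip the first call when a fingerprint will be printed, and say in the comment which call is meant to win. Two smaller points in the same block: the guard tests != SERVICE_TUNNEL_NONE and then relies on assert() to confirm SERVICE_TUNNEL_SSL, which disappears in builds compiled with NDEBUG, so testing == SERVICE_TUNNEL_SSL directly would be safer; and the ten-line argument list is a copy of the call just above the else, which could be shared through a small helper so the two do not drift apart.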
