Nmap Development mailing list archives
Re: NSE Script: x11 server checking
From: vladz () devzero fr
Date: Sat, 8 Aug 2009 17:05:34 +0200
Hello David, Thank you for all your comments. On Fri, Aug 07, 2009 at 06:25:36PM -0600, David Fifield wrote:
I think this script is a good idea and it should be run even if version detection has been done already. The reason I think that is that not all the version probes report the open status, and having it on a line of NSE output will make it easy to grep for.
I don't think that this test could be ran twice (two checks for same result is not that proper no ?). The better thing to do (to have something easy to grep) would be that the two scanning mode "-sV" and "-sC" display the same message ("opened" as in version detection, or "X server access is granted" as in the script... as you wish). But the check will be ran once.
The X11Probe in nmap-service-probes works with ports 6000-6020. Do you think the script should cover that whole range, or just the ports 6000, 6001, and 6003 that are listed in the script?
It was an initial version of the script, but I think it should cover ports from 6000 to 6009 (included), because over 6009 it's usually used for ssh X tunneling. I've attached a new version of the script that includes your comments: - Script renamed in x11-access.nse - Added @output tag - Added exception handling - Added comments when sending/receiving binary data Regards, -vladz.
Attachment:
x11-access.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NSE Script: x11 server checking vladz (Aug 06)
- Re: NSE Script: x11 server checking jah (Aug 06)
- Re: NSE Script: x11 server checking jah (Aug 06)
- Re: NSE Script: x11 server checking vladz (Aug 06)
- Re: NSE Script: x11 server checking David Fifield (Aug 07)
- Re: NSE Script: x11 server checking vladz (Aug 08)
- Re: NSE Script: x11 server checking David Fifield (Aug 08)
- Re: NSE Script: x11 server checking vladz (Aug 08)