Nmap Development mailing list archives
Version detection output - script vs normal
From: Tom Sellers <nmap () fadedcode net>
Date: Fri, 30 Oct 2009 12:23:55 -0500
I have a question about the difference in output seen when nmap identifies port service info when using build in version detection (-sV) verses script detection.Scenario:I have a NSE script that will determine a particular service's version as well as server platform. Nmap has build in detection for the service, but it is not a common service. While testing the script I do not use version detection (-sV)so that I can speed up the process.What I have seen is that if built in service detection is NOT enabled the port's service (http,ftp, mysql) IS displayed, but the service name, version and extrainfoare NOT. This was observed using an SVN version of nmap. For example nmap -sV --version-all --script=custom-script.nse -p60000 192.168.100.111 PORT STATE SERVICE VERSION60000/tcp open custom MyServ Server 10.33.22 (Solaris)| custom-script: MyServ Version: 10.33.22 |_ Server Platform: Solaris nmap --script=custom-script.nse -p60000 192.168.100.111 PORT STATE SERVICE 60000/tcp open custom | custom-script: MyServ Version: 10.33.22 |_ Server Platform: SolarisThe name, version and extrainfo data are also not output to the XML results.In both the above cases the port info was set via NSE using the following code:port.version.name = "custom" port.version.name_confidence = 100if server_version ~= nil then port.version.version = server_version end if server_class ~= nil then port.version.extrainfo = server_class endnmap.set_port_version(host, port, "hardmatched") Is this behavior expected? Any input would be appreciated. Thanks much, Tom
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Version detection output - script vs normal Tom Sellers (Oct 30)
- Re: Version detection output - script vs normal Fyodor (Nov 04)