Nmap Development mailing list archives
Re: [SCRIPT] IBM DB2 Server Profile export + Version detection
From: David Fifield <david () bamsoftware com>
Date: Tue, 22 Dec 2009 10:17:21 -0700
On Sun, Dec 20, 2009 at 12:29:42AM +0100, Patrik Karlsson wrote:
> I ran the script against both Windows and Linux and at first it looked great. Looking a bit closer I noticed that the server profile ended in the middle of a node description. Running the script against the same server several times sometimes ended up with a complete server profile and other times with just half of it.
>
> My guess is that as your script searches for the beginning of the profile and breaks the loop once it detects it, you sometimes end up with incomplete data in the receive buffer, needing to call it again to retrieve the remaining data. I made some small changes so that it reads until it finds "\r\n\0" at the end of the receive buffer instead and then breaks. This change allowed me to get consistent results. If you're interested in the diff let me know.
>
> An even better (or overambitious?) solution might be to read a fixed length data header off the socket, retrieve the length of the data from this header, and then read the remaining data from the socket. That would require protocol documentation/knowledge or some packet analysis though. I did some initial packet analysis and found some stuff that was the same in each packet and some bytes that probably contain length info.
We had a similar problem with the ssh2 library. It assumed that one network read would always retrieve a complete packet, which wasn't always the case.

http://seclists.org/nmap-dev/2009/q2/673

João Correa fixed it by building in a buffer that stores bytes and returns a packet only when it is complete. It has a nice interface; you just say

    status, packet = transport.receive_packet(socket)
    if not status then
      socket:close()
      return
    end
    ...

Here's the message with his patch:

http://seclists.org/nmap-dev/2009/q2/704

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
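As an added illustration (not code from this thread, from Nmap's NSE libraries, or from the DB2 script, and in Python rather than Lua), here is the difference between breaking out of the read loop as soon as the start marker appears and buffering until a complete message is present, using both framings discussed above: a "\r\n\0" terminator and a fixed-size length header. The 2-byte big-endian length field is an assumed layout for the demonstration, not the DB2 wire format.

```python
import struct

TERMINATOR = b"\r\n\x00"
HEADER_LEN = 2  # assumed framing: 2-byte big-endian payload length (not DB2's format)

# Constructed sample: one "profile" that the peer happens to deliver in three fragments.
PROFILE = b"Server Profile: node1 description\nnode2 description" + TERMINATOR
CHUNKS = [PROFILE[:10], PROFILE[10:25], PROFILE[25:]]


def naive_receive(chunks):
    """Fragile approach: stop reading as soon as the start marker is seen."""
    buf = b""
    for chunk in chunks:
        buf += chunk
        if b"Server Profile" in buf:
            break  # later fragments are still in flight, so buf is truncated
    return buf


class PacketBuffer:
    """Accumulates bytes and hands out a packet only when it is complete."""
    def __init__(self):
        self.buf = b""

    def feed(self, data):
        self.buf += data

    def by_terminator(self):
        """Terminator framing: wait for TERMINATOR, return the bytes before it."""
        end = self.buf.find(TERMINATOR)
        if end < 0:
            return None
        pkt, self.buf = self.buf[:end], self.buf[end + len(TERMINATOR):]
        return pkt

    def by_length(self):
        """Length framing: wait for the header, then for the payload it announces."""
        if len(self.buf) < HEADER_LEN:
            return None
        (n,) = struct.unpack("!H", self.buf[:HEADER_LEN])
        if len(self.buf) < HEADER_LEN + n:
            return None
        pkt, self.buf = self.buf[HEADER_LEN:HEADER_LEN + n], self.buf[HEADER_LEN + n:]
        return pkt


def receive_all(chunks, framing):
    """Feed fragments one at a time and collect every complete packet."""
    pb, packets = PacketBuffer(), []
    for chunk in chunks:
        pb.feed(chunk)
        while (pkt := getattr(pb, framing)()) is not None:
            packets.append(pkt)
    return packets
```

The length-based framing also copes with the opposite problem, two messages arriving in a single read, because it consumes exactly one announced payload per call.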