Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: pgsql-brute and PostgreSQL match lines

From: David Fifield <david () bamsoftware com>
Date: Mon, 24 May 2010 11:16:26 -0600
On Sat, May 22, 2010 at 01:43:02PM -0500, Tom Sellers wrote:

Anyone have any objections to me adding a softmatch to the
nmap-service-probes file that would identify the service as PostgreSQL
while still printing the fingerprint block?

The line I had in mind was

softmatch postresql m|E\0\0\0\x84SFATAL\0C0A000\0Munsupported frontend protocol 65363| p/PostgreSQL DB/


Looks good, but
1. Fix spelling of postgresql.
2. Anchor the match at the beginning with ^.

I think it's worth digging into the revision history of
nmap-service-probes. We used to have one or two hard matches with a
generic string like you have above; one of those could be restored and
turned into a softmatch.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: