Nmap Development mailing list archives

Re: OS detection from NSE script?


From: Tom Sellers <nmap () fadedcode net>
Date: Tue, 17 Aug 2010 20:50:16 -0500

On 8/12/10 12:41 PM, Daniel Miller wrote:
On 08/12/2010 12:36 PM, Daniel Miller wrote:
Is there any way to feed OS version information from an NSE script to the Nmap engine, similar to nmap.set_port_version, but more like "nmap.set_os_version?" I can't find any reference to it in the documentation, and scripts like smb-os-discovery.nse just print it out themselves.

Thanks for any info,
Dan

Never mind, I found it. For the record, setting port.version.ostype before calling nmap.set_port_version accomplishes what I was looking to do.

Dan,
        Glad you found your answer, sorry I didn't see your email sooner.

On a related note, I think it would be interesting to allow the NSE to hand data
to Nmap to be put through its normal version scanning mechanisms.  It would be useful,
for example, when connecting to telnet services.  There is often static data in the
banners that could be used for service ident but since the version scanning engine
cannot negotiate the protocol then we miss out on this.  We could do it in a script
but then miss the chance to include the fingerprints in our standard files.

I have seen several instances where Nmap detects a service as a Linux telnet service
simply because it matches the initial portion of the telnet handshake and capabilities
negotiation.

Interestingly enough, there is an example telnet client in the nsock/examples directory.

Food for thought, added to my "look into" list... I gotta free up some time.. bleh

Tom
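
The two points in this thread combined, as an added example that is not code from either poster or from the Nmap project: an NSE script that refuses each telnet option so the static banner text can be read, then sets port.version.ostype before calling nmap.set_port_version as Daniel describes. The banner string "ExampleOS" and the ostype derived from it are constructed placeholders, not real fingerprints.

```lua
local nmap = require "nmap"
local shortport = require "shortport"

description = [[Refuses telnet options, reads the banner, sets port.version.ostype.]]
categories = {"safe", "version"}
portrule = shortport.port_or_service(23, "telnet")

local IAC, SB, SE = 255, 250, 240
local REFUSE = {[253] = 252, [251] = 254}      -- DO -> WONT, WILL -> DONT

-- Separate banner text from negotiation bytes; build a refusal for each option offered.
local function strip_negotiation(data)
  local text, reply, i = {}, {}, 1
  while i <= #data do
    local b, cmd, opt = data:byte(i, i + 2)
    if b ~= IAC then
      text[#text + 1] = string.char(b); i = i + 1
    elseif cmd == IAC then                       -- IAC IAC is an escaped 0xFF data byte
      text[#text + 1] = string.char(IAC); i = i + 2
    elseif cmd == SB then                        -- skip subnegotiation up to IAC SE
      local _, stop = data:find(string.char(IAC, SE), i + 2, true)
      i = (stop or #data) + 1
    elseif cmd and cmd >= 251 and cmd <= 254 and opt then  -- WILL/WONT/DO/DONT + option
      if REFUSE[cmd] then reply[#reply + 1] = string.char(IAC, REFUSE[cmd], opt) end
      i = i + 3
    else
      i = i + 2                                  -- two-byte command or truncated input
    end
  end
  return table.concat(text), table.concat(reply)
end

action = function(host, port)
  local sock = nmap.new_socket()
  sock:set_timeout(5000)
  if not sock:connect(host, port) then return nil end
  local banner = ""
  for _ = 1, 5 do                                -- a few rounds reach the login banner
    local ok, data = sock:receive()
    if not ok then break end
    local text, reply = strip_negotiation(data)
    banner = banner .. text
    if #reply > 0 then sock:send(reply) end
  end
  sock:close()
  if banner:find("ExampleOS", 1, true) then      -- constructed placeholder match
    port.version.ostype = "ExampleOS"
    nmap.set_port_version(host, port)
    return "banner: " .. (banner:gsub("%s+", " "))
  end
end
```

Because the match lives in the script rather than in the standard fingerprint files, it has the limitation Tom points out: the banner pattern is not available to the normal version-scanning engine.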
