Nmap Development mailing list archives

Re: [PATCH] UPnP script and library updates


From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 19 Nov 2010 20:37:31 +0100


On 19 nov 2010, at 18.39, Thomas Buchanan wrote:

Hello.  I've done a little refactoring on the UPnP script and library
that Patrik worked on a couple of weeks ago [1].  I split one of the
library functions into two separate pieces that better align with the
actual steps taken by the script to detect UPnP devices and retrieve
information about them.  I also replaced the HTTP handling routines with
calls to the HTTP library, so we're not duplicating functionality any
more.

In addition, I added a script argument to the unicast version of the
script, upnp-info.nse.  It controls whether the library will override
the IP address of the webserver that hosts the XML files used to
describe the UPnP device.  On some cable modem / DSL devices, the UPnP
service is available on the external network interface, but the location
of the XML file that gets returned often contains the IP address of the
internal NIC.  In these cases, if we override that IP address with the
one we already have (the external NIC), we can sometimes go ahead and
retrieve the XML file successfully.  I've set this script argument to
default to true, as that gives the most informative and accurate
results, in the testing that I've done.  This restores the behavior of
the script to what it was prior to Patrik's rework.

Comments and questions are welcome!

Great work! I tested it against a few hosts of mine and against a few other ones that don't respond to upnp and it worked fine.
I noticed you did some pattern matching to extract the host and port from a url. You could probably use url.parse for that instead.
Anyway, it's in as r21117 with a minor change to your previous patch as I replaced the if comparison of response with result.


Thanks,

Thomas 

[1] http://seclists.org/nmap-dev/2010/q4/224
<upnp-refactor.diff>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


//Patrik

--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77
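
The host override described in the quoted message, done with a URL parser instead of pattern matching as the reply suggests, as an added Python example using only the standard library. It is not the NSE script or library code from the patch; the sample reply, the addresses and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed sample: an SSDP reply received from 203.0.113.10 whose LOCATION
# header advertises the device's internal address.
SAMPLE_REPLY = (
    "HTTP/1.1 200 OK\r\n"
    "CACHE-CONTROL: max-age=120\r\n"
    "ST: upnp:rootdevice\r\n"
    "Location: http://192.168.1.1:5431/dyndev/uuid:0000\r\n"
    "SERVER: Example/1.0 UPnP/1.0\r\n"
    "\r\n"
)

def location_header(reply):
    """Return the LOCATION header value (header names are case-insensitive)."""
    for line in reply.split("\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")    # split on the first colon only
        if sep and name.strip().lower() == "location":
            return value.strip()
    return None

def description_url(reply, responder, override=True):
    """Return (url, mismatch) for the device description XML.

    mismatch is True when the advertised host differs from the address that
    answered; with override=True that host is replaced by the responder while
    the scheme, port, path and query are kept.
    """
    location = location_header(reply)
    if location is None:
        return None, False
    parts = urlsplit(location)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None, False
    mismatch = parts.hostname != responder
    if not (override and mismatch):
        return location, mismatch
    host = f"[{responder}]" if ":" in responder else responder  # bracket IPv6
    netloc = host if parts.port is None else f"{host}:{parts.port}"
    return urlunsplit(parts._replace(netloc=netloc)), mismatch
```

The mismatch flag is worth reporting on its own: a device that answers on its external interface while advertising a private address is disclosing its internal addressing.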

