Nmap Development mailing list archives
Re: Minecraft "Insecure Mode" Detection Script
From: Fyodor <fyodor () insecure org>
Date: Tue, 11 Jan 2011 23:48:04 -0800
On Tue, Jan 11, 2011 at 10:04:16AM +0200, Toni Ruottu wrote:
As for extracting more information, I had my go at implementing the protocol in greater detail. It is doable, but not that easy. The protocol is very verbose, so getting the interesting information requires bypassing lots of uninteresting stuff. That would not be so much of a problem, but skipping a frame requires parsing it to figure out how big it is based on the frame type, but also some information stored in the payload.
Thanks for the details! For now I think we should leave minecraft-auth out of Nmap proper, and let users who want it get it from http://seclists.org/nmap-dev/2010/q4/729. We can revisit that if we see a lot of demand from users to have it integrated, or if it is expanded to obtain more information from the Minecraft server. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Minecraft "Insecure Mode" Detection Script David Fifield (Jan 09)
- Re: Minecraft "Insecure Mode" Detection Script Toni Ruottu (Jan 09)
- <Possible follow-ups>
- Re: Minecraft "Insecure Mode" Detection Script Fyodor (Jan 10)
- Re: Minecraft "Insecure Mode" Detection Script Toni Ruottu (Jan 11)
- Re: Minecraft "Insecure Mode" Detection Script Fyodor (Jan 11)
- Re: Minecraft "Insecure Mode" Detection Script Ron (Jan 13)
- Re: Minecraft "Insecure Mode" Detection Script Fyodor (Jan 13)
- Re: Minecraft "Insecure Mode" Detection Script Toni Ruottu (Jan 13)
- Re: Minecraft "Insecure Mode" Detection Script Ron (Jan 13)
- Re: Minecraft "Insecure Mode" Detection Script Toni Ruottu (Jan 11)