Nmap Development mailing list archives

Re: Minecraft "Insecure Mode" Detection Script

From: Fyodor <fyodor () insecure org>
Date: Tue, 11 Jan 2011 23:48:04 -0800

On Tue, Jan 11, 2011 at 10:04:16AM +0200, Toni Ruottu wrote:


As for extracting more information, I had my go at implementing the
protocol in greater detail. It is doable, but not that easy. The
protocol is very verbose, so getting the interesting information
requires bypassing lots of uninteresting stuff. That would not be so
much of a problem, but skipping a frame requires parsing it to figure
out how big it is based on the frame type, but also some information
stored in the payload.


Thanks for the details!  For now I think we should leave
minecraft-auth out of Nmap proper, and let users who want it get it
from http://seclists.org/nmap-dev/2010/q4/729.  We can revisit that if
we see a lot of demand from users to have it integrated, or if it is
expanded to obtain more information from the Minecraft server.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: Minecraft "Insecure Mode" Detection Script David Fifield (Jan 09)
- Re: Minecraft "Insecure Mode" Detection Script Toni Ruottu (Jan 09)
- <Possible follow-ups>
- Re: Minecraft "Insecure Mode" Detection Script Fyodor (Jan 10)
  - Re: Minecraft "Insecure Mode" Detection Script Toni Ruottu (Jan 11)
    - Re: Minecraft "Insecure Mode" Detection Script Fyodor (Jan 11)
    - Re: Minecraft "Insecure Mode" Detection Script Ron (Jan 13)
    - Re: Minecraft "Insecure Mode" Detection Script Fyodor (Jan 13)
    - Re: Minecraft "Insecure Mode" Detection Script Toni Ruottu (Jan 13)
    - Re: Minecraft "Insecure Mode" Detection Script Ron (Jan 13)