Nmap Development mailing list archives

Re: [NSE] amqp-info script

From: Sebastian Dragomir <velorien () gmail com>
Date: Thu, 5 May 2011 17:22:16 +0300

Hi,
I've added version reporting as you suggested.
If -sV is used, output looks like this:

PORT     STATE SERVICE VERSION
5672/tcp open  amqp    RabbitMQ 2.4.0 (0-9)

PORT     STATE SERVICE VERSION
5672/tcp open  amqp    RabbitMQ 1.7.2 (0-8)

Thanks,
Sebastian

On Wed, May 4, 2011 at 10:30 PM, Toni Ruottu <toni.ruottu () iki fi> wrote:

Nice to see some work on amqp. I think you should use
nmap.set_port_version to report the software version details where you
can. See netbus-version.nse for an example on doing that.

On Wed, May 4, 2011 at 8:01 PM, Sebastian Dragomir <velorien () gmail com>
wrote:

Hi all,
I wrote a script for detecting an AMQP server's properties. It currently
supports 0-8, 0-9, 0-9-1 versions.
For 0-9+ it will also fetch the server's capabilities from the
server-properties field.
The library I wrote for it only supports the most basic handshake
functionality for AMQP, but I thought it wouldn't hurt to refactor it

like

that.

To test the script:
sudo apt-get install rabbitmq-server
nmap --script amqp-info -p5672 127.0.0.1

Sample output:
PORT     STATE SERVICE
5672/tcp open  amqp
| amqp-info:
|   capabilities:
|     publisher_confirms: YES
|     exchange_exchange_bindings: YES
|     basic.nack: YES
|     consumer_cancel_notify: YES
|   copyright: Copyright (C) 2007-2011 VMware, Inc.
|   information: Licensed under the MPL.  See http://www.rabbitmq.com/
|   platform: Erlang/OTP
|   product: RabbitMQ
|   version: 2.4.0
|   mechanisms: PLAIN AMQPLAIN
|_ locales: en_US

amqp.version can be passed as argument to indicate one of 0-8, 0-9 or

0-9-1,

but the script is still capable of guessing the version from the server's
response.

All comments are welcome.

Cheers,
Sebastian

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Attachment: amqp.lua
Description:

Attachment: amqp-info.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] amqp-info script Sebastian Dragomir (May 04)
- Re: [NSE] amqp-info script Toni Ruottu (May 04)
  - Re: [NSE] amqp-info script Sebastian Dragomir (May 05)