Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Java RMI service finderprint?

From: Martin Holst Swende <martin () swende se>
Date: Wed, 15 Jun 2011 22:53:09 +0200
----- Ursprungsmeddelande -----

On Mon, Jun 13, 2011 at 05:00:50PM -0700, Gabriel Lawrence wrote:

Its worth noting that there is a script:

rmi-dumpregistry

that has this as its portrule:

portrule = shortport.port_or_service({1098, 1099, 1090, 8901, 8902,
8903}, {"rmi"})

but the info in nmap-service-probes is calling the service jrmi so
things dont match up.

One or the other should really be changed to match.


Good call. I have changed it to be rmiregistry in both places, to match
nmap-services. I don't know if the rmiregistry service is different from
other RMI services.


Hm. Don't know if i misunderstood you now, but to clarify: the fingerprint detects a java rmi endpoint, or service. An 
rmi registry is just a common rmi service used for storing object references. 

So the service should be rmi or jrmi, but whether it is a registry is not detected until later during the script 
execution.




David Fifield


/Martin Holst Swende from n900


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: