Nmap Development mailing list archives

Re: xmpp.nse


From: Vasiliy Kulikov <segooon () gmail com>
Date: Tue, 9 Aug 2011 13:21:01 +0400

Hi,

This is an update of the xmpp script.

* Used set_timeout().  This should identify broken (non-RFC compliant) servers.
* Added TLS support.
* Added xmpp server support.
* Show server name if it differs from an expected name.
* Some new features parsing.
* Better error handling (including poor servers).

Old TODOs are hopefully solved :)

The table with id fingerprints cannot be moved to some external data
file as it contains function pointers, which are bound to the xmpp
script.

xmpp.lua cannot be reused as I parse low-level data, which is not
provided by the library.  Probably it can be extended for this specific
use, but I doubt it would be very useful.

Probably the script should be named "xmpp-info" similar to other
protocols.


I have a question about formatting.  The thing is there are 2 output
blocks - one without STARTTLS, one with STARTTLS.  Both are significant
as feature set often differs in these cases.  Currently the output is as
follows:

PORT     STATE SERVICE REASON  VERSION
5222/tcp open  jabber  syn-ack ejabberd (Protocol 1.0)
| xmpp: 
|     XMPP
|       Lang
|         ru
|       v1.0
|     features
|       In-Band Registration
|       TLS
|     capabilities
|       node
|         http://www.process-one.net/en/ejabberd/
|       ver
|         rvAR01fKsc40hT0hOLGDuG25y9o=
|     COMPRESSION METHODS (1)
|       zlib
|     AUTH MECHANISMS (2)
|       PLAIN
|       DIGEST-MD5
|   Respects server name
|   Inside of TLS stream:
|         XMPP
|           Lang
|             ru
|           v1.0
|         features
|           In-Band Registration
|         capabilities
|           node
|             http://www.process-one.net/en/ejabberd/
|           ver
|             rvAR01fKsc40hT0hOLGDuG25y9o=
|         COMPRESSION METHODS (1)
|           zlib
|         AUTH MECHANISMS (2)
|           PLAIN
|_          DIGEST-MD5

I feel it is too bloated, however, both information blocks are for the
good :)


Attachment: xmpp.nse

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
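
Added example (not part of the original post or of xmpp.nse): a Python check that reads the output format quoted above, separates the pre-STARTTLS block from the "Inside of TLS stream" block, and reports which items differ and whether a cleartext SASL mechanism is advertised before TLS. The function names and the CLEARTEXT set are assumptions of this example; SAMPLE is a trimmed copy of the quoted output.

```python
import re
# Trimmed copy of the script output quoted in the post above.
SAMPLE = """\
| xmpp:
|     features
|       In-Band Registration
|       TLS
|     AUTH MECHANISMS (2)
|       PLAIN
|       DIGEST-MD5
|   Inside of TLS stream:
|         features
|           In-Band Registration
|         AUTH MECHANISMS (2)
|           PLAIN
|_          DIGEST-MD5
"""
WANTED = re.compile(r"(features|AUTH MECHANISMS|COMPRESSION METHODS)\b")
CLEARTEXT = {"PLAIN", "LOGIN"}  # assumption: mechanisms that send the password itself

def parse_blocks(output):
    """Split the output into {phase: {header: set(items)}} for pre-TLS and in-TLS."""
    blocks = {"plain": {}, "tls": {}}
    phase, header, h_indent = "plain", None, -1
    for raw in output.splitlines():
        body = raw[2:].rstrip()              # drop the "| " or "|_" gutter
        text, indent = body.lstrip(), len(body) - len(body.lstrip())
        if text == "Inside of TLS stream:":
            phase, header = "tls", None
        elif header and indent > h_indent:   # child line of a wanted header
            blocks[phase].setdefault(header, set()).add(text)
        else:                                # new header, or a line we ignore
            m = WANTED.match(text)
            header, h_indent = (m.group(1), indent) if m else (None, -1)
    return blocks

def review(blocks):
    """Return (cleartext mechanisms offered before STARTTLS, per-header differences)."""
    plain, tls = blocks["plain"], blocks["tls"]
    exposed = sorted(plain.get("AUTH MECHANISMS", set()) & CLEARTEXT)
    diff = {}
    for h in sorted(set(plain) | set(tls)):
        a, b = plain.get(h, set()), tls.get(h, set())
        if a != b:
            diff[h] = {"only_plain": sorted(a - b), "only_tls": sorted(b - a)}
    return exposed, diff

if __name__ == "__main__":
    print(review(parse_blocks(SAMPLE)))
```

On the quoted output the only difference between the two blocks is the TLS feature itself, while PLAIN is advertised both before and after STARTTLS.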
