Re: [patch][RFC] Keep version information from NSE in XML even when -sV not requested

[David Fifield <david () bamsoftware com>]

On Fri, Mar 30, 2012 at 03:33:22PM -0500, Daniel Miller wrote:
> List,
>
> I recently did a scan for 1433/tcp, running ms-sql-info.nse, which
> sets version information. I neglected to put -sV, partially because
> the scan was enormous and I wanted to avoid extra probes
> (ms-sql-info sends the same probe as the version detection engine,
> anyway). Sadly, when I went to parse the XML output, the version
> information (product, version, extrainfo) was missing from the XML,
> even though the script populates those fields.

I think this makes perfect sense. Your patch gives simpler code and a
better design too. I applied the one that sends version info to both XML
and grepable.

I tested it with the cccam-version script because that's easy to
emulate.

$ ncat -l -k --sh-exec 'dd if=/dev/urandom bs=16 count=1' 10000
$ nmap --script=cccam-version -p10000 localhost -d -oX -

What's different with this patch is 'version="CCcam DVR card sharing
system"' in the output.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/