Nmap Development mailing list archives
Re: OpenTibia service probes
From: Jacek Wielemborek <wielemborekj1 () gmail com>
Date: Wed, 18 Sep 2013 01:21:50 +0200
I attach first version of opentibia-info.nse. Here's some example output: Starting Nmap 6.40 ( http://nmap.org ) at 2013-09-18 01:11 CEST Nmap scan report for thunderot.servegame.com (198.27.78.2) Host is up (0.11s latency). PORT STATE SERVICE VERSION 7171/tcp open OpenTibia 8.7x | opentibia-info: | map: | name: World.otbm | height: 33330 | author: Thunder OT | width: 33455 | owner: | name: Thunder OT | email: contato () thunderot com br | players: | peak: 468 | max: 700 | online: 83 | serverinfo: | uptime: 10h:4m | servername: Thunder OT | version: 0.4_SVN | server: Advanced Forgotten Server | location: Brazil | ip: 198.27.78.2 | url: http://www.thunderot.com.br | port: 7171 | client: 8.71 | npcs: | total: 650 | monsters: |_ total: 52219 Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 7.06 seconds Actually, turns out that perhaps the "server info" probe might be more useful at detecting OpenTibia than the unencrypted login request I originally came up with. Please note the serverinfo[server] field and serverinfo[version] - they're telling the exact OpenTibia build that is hosted here. No idea how it works today, but a few years ago there was a plague of closed-source (original OpenTibia is GPL'd) builds, often quite unstable, so an intruder might be interested in this information looking for buffer overflows and such. This script is probably insecure in its current form. I could have made changes to it after having published this post, so please have a look here for a later version: https://gist.github.com/d33tah/6602030
Attachment:
opentibia-info.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- OpenTibia service probes Jacek Wielemborek (Sep 17)
- Re: OpenTibia service probes Jacek Wielemborek (Sep 17)