Nmap Development mailing list archives

Re: [NSE] ntp-info probing logic?


From: Daniel Miller <bonsaiviking () gmail com>
Date: Sat, 23 Aug 2014 15:58:47 -0500

On Fri, Aug 22, 2014 at 1:54 PM, <nnposter () users sourceforge net> wrote:

Daniel Miller wrote:
This changes the request from a version 4 to a version 2 packet, which may
be more widely supported (version 3 appears to be the consensus, and each
version is backwards-compatible with previous ones except for version 1).

Unfortunately these specific targets do not respond to NTPv2 client
requests either. They do respond to the control requests.


nnposter,

I've committed a combination of our efforts in r33606. It removes the
fail-early check so that both probes are sent, since ntpd permissions are
granular enough to allow control requests but not client requests. It also
downgrades the client request to a version-2 request, in an effort to
expand our coverage to older equipment.

I'd appreciate your feedback if you find anything else wrong here. I simply
changed the version in the packet, so I may have ended up with a weird mix
of version 2 and version 4 fields, but I don't know since the payloads are
not well documented in the script (a future TODO item, I'm sure!). I also
changed the quoted-string parsing in r33608, so we can now handle escaped
quotes within a value. It seems to work fine for me here.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
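
Added example, not part of the original message and not the ntp-info script's code: a Python sketch of the two probes discussed in the thread (client request and control request, both at version 2) and of a variable-list parser that accepts escaped quotes inside a quoted value. The control header layout and the "read variables" opcode follow RFC 1305 Appendix B; backslash as the escape character, the function names and the sample data are assumptions.

```python
import re
import struct

CLIENT_MODE, CONTROL_MODE = 3, 6
OP_READVAR = 2  # control opcode "read variables" (RFC 1305, Appendix B)

def first_octet(version, mode, leap=0):
    """Pack LI (2 bits), VN (3 bits) and Mode (3 bits) into the first header octet."""
    if not (0 <= leap <= 3 and 1 <= version <= 7 and 0 <= mode <= 7):
        raise ValueError("field out of range")
    return (leap << 6) | (version << 3) | mode

def client_request(version=2):
    """48-byte client (mode 3) request; every field after the first octet is zero."""
    return bytes([first_octet(version, CLIENT_MODE)]) + bytes(47)

def control_readvar(version=2, sequence=1):
    """12-byte control (mode 6) header asking for system variables, no data."""
    # octet 0, opcode, sequence, status, association id, offset, count
    return struct.pack("!BBHHHHH", first_octet(version, CONTROL_MODE),
                       OP_READVAR, sequence, 0, 0, 0, 0)

# name=value items separated by commas. A value is either a quoted string in
# which backslash escapes the next character (assumed escape style), or a bare
# token. Bare tokens may not contain a quote, so an unterminated string fails.
_ITEM = re.compile(
    r'\s*([A-Za-z_][\w.]*)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^,"]*))\s*(?:,|$)')

def parse_variables(text):
    """Parse a control-response variable list into a dict, unescaping quoted values."""
    text = text.strip()  # responses commonly end in CRLF
    out, pos = {}, 0
    while pos < len(text):
        m = _ITEM.match(text, pos)
        if not m:
            raise ValueError(f"malformed variable list at offset {pos}")
        name, quoted, bare = m.groups()
        out[name] = (re.sub(r"\\(.)", r"\1", quoted)
                     if quoted is not None else bare.strip())
        pos = m.end()
    return out

# Constructed sample response data, not captured from a real server.
SAMPLE = (r'version="ntpd 4.2.6p5 \"custom, build\"", system="Linux/3.2.0", '
          'stratum=3, refid=192.0.2.1\r\n')
```

The only difference between the version 4 and version 2 client requests built here is the first octet (0x23 versus 0x13); a real version 4 payload that sets later fields would need those checked separately.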

