Nmap Development mailing list archives
Re: Simple NSE script for Docker API fingerprinting
From: Claudio Criscione <claudio.criscione () gmail com>
Date: Mon, 08 Sep 2014 21:40:38 +0000
Ah, of course this is way better coded as a Probe. My bad - when all you have is an hammer... Is this still the right way to contribute? http://nmap.org/book/vscan-community.html says so but I got no answer to my previous mail. ##############################NEXT PROBE############################## # Queries Docker APIs for the /version url containing version information. # Probe TCP docker q|GET /version HTTP/1.1\r\n\r\n| rarity 7 ports 2375 sslports 2376 match docker m|.*{"ApiVersion":"(.*)","Arch".*"GitCommit":"(.*)","GoVersion".*"Os":"(.*)","Version":"(.*)"}.*| p/Docker remote API/ v/$1/ o/$3/ i/GitCommit:$2 DockerVersion:$4/ Cheers Il giorno Sun Aug 10 2014 at 5:46:13 PM Claudio Criscione < claudio.criscione () gmail com> ha scritto:
Hi, I wrote a simple NSE script to fingerprint the Docker HTTP rest server and thought this could be useful as Docker picks up adoption. The Docker server has a weird behavior (returns 302 $HOST when you try to GET $HOST), so without this script it's reported to be an open proxy. It's my first go at NSEs, so I'm happy to fix anything. Cheers Claudio
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Simple NSE script for Docker API fingerprinting Claudio Criscione (Aug 12)
- Re: Simple NSE script for Docker API fingerprinting Claudio Criscione (Sep 11)