Nmap Development mailing list archives
Re: Simple NSE script for Docker API fingerprinting
From: Claudio Criscione <claudio.criscione () gmail com>
Date: Fri, 17 Oct 2014 10:22:19 +0200
Ah, fantastic, thank you Daniel. I suspected that the ordering was not hard enforced, but I never saw anything but the one I reported :-( Good thing to have a fallback - I'm looking forward to see your code. Thanks a lot! 2014-10-16 5:57 GMT+02:00 Daniel Miller <bonsaiviking () gmail com>:
On Wed, Oct 15, 2014 at 2:55 PM, Claudio Criscione <claudio.criscione () gmail com> wrote:Hi Daniel, thanks for the followup! Here is the output of the run (I only have an HTTP version handy but theSSLversion should just have an stunnel in front so no difference for the fingerprint I believe):Claudio, I just committed your probe and three matchlines as r33731. After doing a little research, it looks like the order of the elements is not guaranteed, so I took your alphabetical ordering as the best-case scenario, extracting OS information. As a fallback, it tries to match ApiVersion and Version in either order, then falls back to just Version for API 1.11 and older. The API spec does not list OS or KernelVersion under /version but under /info instead. This should get most implementations. Thanks again for all your work and the quick response today! Dan
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Simple NSE script for Docker API fingerprinting Daniel Miller (Oct 15)
- Re: Simple NSE script for Docker API fingerprinting Claudio Criscione (Oct 15)
- Re: Simple NSE script for Docker API fingerprinting Daniel Miller (Oct 15)
- Re: Simple NSE script for Docker API fingerprinting Claudio Criscione (Oct 18)
- Re: Simple NSE script for Docker API fingerprinting Daniel Miller (Oct 15)
- Re: Simple NSE script for Docker API fingerprinting Claudio Criscione (Oct 15)