Nmap Development mailing list archives

Re: [NSE] ProConOS and PC Worx


From: Stephen Hilt <hilt () digitalbond com>
Date: Sat, 7 Mar 2015 11:11:04 -0500

You could send the same messages, and as long as the bytes we are checking
match, you could use it as a service probe, much like what we did with
BACnet.

On Feb 24, 2015 8:52 AM, "Daniel Miller" <bonsaiviking () gmail com> wrote:

Stephen,

These simple scripts are great contributions. The biggest improvement to
how Nmap handles these services, however, would be to have service
fingerprints in nmap-service-probes to identify the services if possible.
Since you are making these "version" category scripts, the most likely way
people will run them will be via the -sV option, which means that Nmap will
send a barrage of inappropriate probes to the service trying to match a
response. You know as well or better than anyone how hazardous that could
be against industrial equipment :). If we have a matchline (or even a
softmatch to identify the protocol) in nmap-service-probes, then Nmap will
stop probing at that point. This speeds up scan times considerably, and
avoids sending "bad" data to known services.

Do you have examples of service fingerprints that Nmap prints for these
services when you run with -sV? Or with -sV --version-all? Thanks.

Dan

On Thu, Feb 12, 2015 at 2:16 PM, Stephen Hilt <hilt () digitalbond com> wrote:

Hello,

Here are two new NSEs aimed at helping identify ProConOS/MultiProg-enabled
PLCs as well as Phoenix Contact PLCs that support PC Worx. Please
consider these for inclusion into the Nmap scripts.

https://github.com/digitalbond/Redpoint/blob/master/proconos-info.nse

https://github.com/digitalbond/Redpoint/blob/master/pcworx-info.nse


Stephen Hilt
CISSP, C|EH, CPT
423.402.0936
hilt () digitalbond com
@sjhilt

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/



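As an illustration of the nmap-service-probes entries Dan asks for, here is a sketch in that file's syntax. It is added here and is not an actual entry, nor code from the Redpoint scripts or either poster; every request and response byte is a placeholder that would have to be replaced with bytes captured from a real device, and the listener port is an assumption.

```text
# Illustrative nmap-service-probes fragment (constructed, not a real entry).
# Request and response bytes are PLACEHOLDERS: replace them with bytes
# captured from the actual PLC before using this anywhere.

# The probe. With rarity 9 it is above the default version intensity (7),
# so Nmap only sends it to ports listed under "ports" or when the user
# asks for --version-all. Unrelated services never see these bytes.
Probe TCP ProConOS-Placeholder q|\x00\x00PLACEHOLDER_REQUEST|
rarity 9
ports 20547    # assumed ProConOS listener port; confirm against proconos-info.nse

# softmatch: once the reply looks like this protocol, Nmap stops sending
# probes for other services and only continues with probes that carry
# match lines for "proconos". This alone ends the "barrage" problem.
softmatch proconos m|^\x00\x00PLACEHOLDER_BANNER|

# match: a full match also ends probing and fills the VERSION column.
# The capture group feeds the version field via $1; "s" lets "." span
# newlines in the reply.
match proconos m|^\x00\x00PLACEHOLDER_BANNER.*?ProConOS ([\d.]+)|s p/ProConOS PLC runtime/ v/$1/ d/specialized/
```

The banner Nmap prints for an unknown service under -sV (the "SF-Port..." fingerprint) is the raw material for these lines; the regex is written against those captured bytes, most specifically against the ones the NSE script already checks.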
