Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

unable to submit service fingerprint

From: "Valdez, Timothy (AGR)" <TValdez () agr wa gov>
Date: Mon, 23 Mar 2015 17:13:24 +0000
Apologize if this spams everyone, wasn't sure how to post to a support forum.

Scanning an internal server (no public access) using the following command: nmap -sV -v agrutoly02

Found an unknown fingerprint and tried to upload it. Below is the output from the command prompt window, I suppose you 
can take what you need out of it.  The lines break at 80 columns in case that matters. A few comments:

1. the URL in the final text output to submit unknown fingerprints is wrong and needs to be changed to what the real 
link is on your website
2. attempting to submit the fingerprint using any combination of copy-n-paste still resulted in the invalid fingerprint 
error on the webpage when clicking the [check] button, perhaps better explanatory text is needed in the final nMap text 
output or on that webpage
3. I deleted the IP address of the internal server just so I don't get spanked by our security folks (yes I know it's 
not an issue, but...)
4. I'm not subscribed to this list so I won't see any responses unless they are sent directly to me, am only sending 
this info in an effort to support the nMap software

===

Starting Nmap 6.47 ( http://nmap.org ) at 2015-03-23 09:41 Pacific Daylight Time

[..clip..]

Initiating Service scan at 09:41
Scanning 13 services on agrutoly02 ([deleted])
Completed Service scan at 09:42, 53.55s elapsed (13 services on 1 host)
NSE: Script scanning [deleted].
Initiating NSE at 09:42
Completed NSE at 09:42, 0.02s elapsed
Nmap scan report for agrutoly02 ([deleted])
Host is up (0.00036s latency).
rDNS record for [deleted]: agrutoly02
Not shown: 987 closed ports
PORT      STATE SERVICE       VERSION
80/tcp    open  http          Microsoft IIS httpd 7.5
135/tcp   open  msrpc         Microsoft Windows RPC
139/tcp   open  netbios-ssn
445/tcp   open  netbios-ssn
1433/tcp  open  ms-sql-s      Microsoft SQL Server 2008 R2
2301/tcp  open  http          CompaqHTTPServer 9.9 (HP System Management 3.0.0.6
4; httpd 2.2.6+)
2381/tcp  open  ssl/http      CompaqHTTPServer 9.9 (HP System Management 3.0.0.6
4; httpd 2.2.6+)
2383/tcp  open  ms-olap4?
3389/tcp  open  ms-wbt-server Microsoft Terminal Service
8080/tcp  open  http          Microsoft IIS httpd 7.5
49152/tcp open  msrpc         Microsoft Windows RPC
49153/tcp open  msrpc         Microsoft Windows RPC
49154/tcp open  msrpc         Microsoft Windows RPC
1 service unrecognized despite returning data. If you know the service/version,
please submit the following fingerprint at http://www.insecure.org/cgi-bin/servi
cefp-submit.cgi :
SF-Port1433-TCP:V=6.47%I=7%D=3/23%Time=5510424D%P=i686-pc-windows-windows%
SF:r(ms-sql-s,25,"\x04\x01\0%\0\0\x01\0\0\0\x15\0\x06\x01\0\x1b\0\x01\x02\
SF:0\x1c\0\x01\x03\0\x1d\0\0\xff\n2\x17p\0\0\0\0");
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Read data files from: C:\Program Files (x86)\Nmap
Service detection performed. Please report any incorrect results at http://nmap.
org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 56.47 seconds
           Raw packets sent: 1116 (49.088KB) | Rcvd: 1001 (40.080KB)

===

I hope this is useful to you!

Tim
===
"There is little hope for democracy if the hearts of men and women in democratic societies cannot be touched by a call 
to something greater than themselves."--Margaret Thatcher
---
Timothy M. Valdez, Webmaster
WA State Dept. of Agriculture
1111 Washington Street
PO Box 42560
Olympia, WA  98504-2560
(360)725-5507
http://agr.wa.gov/



_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: