Nmap Development mailing list archives

Re: Valve Steam In-Home Streaming gaming software probe / match with additional nse starter file


From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 21 Oct 2015 21:30:58 -0500

Kristian,

So sorry it took me so long to get to this, but I added this probe and your
match line to Nmap's nmap-service-probes file in r35342. I'm marking your
NSE script for later review.

Dan

On Thu, Apr 23, 2015 at 9:03 AM, Kristian Erik Hermansen <kristian.hermansen () gmail com> wrote:

On Thu, Apr 23, 2015 at 5:46 AM, Daniel Miller <bonsaiviking () gmail com> wrote:
Ah yes, this is because there is no match line, so probing continues. Since
the SSLSessionReq probe matches, we know that a service fingerprint will not
be displayed. I think you could get around this by adding
--version-intensity 0, which would send only the Null probe and any probes
that have 27036 in the "ports" line.

That worked.

This is what I expected: the PSK identity hint contains some information to
identify the service you're connecting to. This is how the client would
retrieve the appropriate pre-shared key for the service, if it were
configured to connect to multiple services with different keys.
Unfortunately, you haven't given enough of the packet to make a fingerprint.
You can either use the --version-intensity 0 option like I suggested above,
or you can just give the full packet dump from this command without the
-seek 0x5a -l 5 options.

I submitted the new TCP fingerprint into the nmap database online. You
should be able to find one UDP fingerprint and one TCP fingerprint
each relating to steam to help with further integration into nmap. Let
me know if you are unable to see the submitted entries in the database
for some reason...
--
Regards,

Kristian Erik Hermansen
https://www.linkedin.com/in/kristianhermansen
https://google.com/+KristianHermansen

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
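
The probe selection discussed in this thread (`--version-intensity 0` sending only the Null probe and probes whose "ports" line lists the target port), as an added example that is not part of the original messages or Nmap's own code. It is a simplified model: the sample entries, their payloads and the `SteamIHS` probe name are constructed placeholders, and the default rarity of 5 is an assumption.

```python
import re

# Constructed sample in nmap-service-probes syntax. Payloads are placeholders
# and "SteamIHS" is a hypothetical name, not the probe added in r35342.
SAMPLE_PROBES = r"""
Probe TCP NULL q||
Probe TCP GenericLines q|placeholder|
rarity 1
ports 21,23
Probe TCP SSLSessionReq q|placeholder|
rarity 1
ports 443,993-995
Probe TCP SteamIHS q|placeholder|
rarity 8
ports 27036
"""

def parse_probes(text):
    """Collect protocol, name, rarity and registered port ranges per probe."""
    probes = []
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"Probe (TCP|UDP) (\S+) ", line)
        if m:
            # rarity 5 when no rarity line follows (assumed default)
            probes.append({"proto": m.group(1), "name": m.group(2),
                           "rarity": 5, "ports": []})
        elif line.startswith("rarity ") and probes:
            probes[-1]["rarity"] = int(line.split()[1])
        elif line.startswith("ports ") and probes:
            for part in line.split(None, 1)[1].split(","):
                lo, _, hi = part.partition("-")
                probes[-1]["ports"].append((int(lo), int(hi or lo)))
    return probes

def probes_sent(probes, proto, port, intensity):
    """Names of probes eligible for this port (send order is not modelled)."""
    chosen = []
    for p in probes:
        if p["proto"] != proto:
            continue
        registered = any(lo <= port <= hi for lo, hi in p["ports"])
        # Null probe always; port-registered probes regardless of intensity;
        # everything else only when its rarity is within the intensity.
        if p["name"] == "NULL" or registered or p["rarity"] <= intensity:
            chosen.append(p["name"])
    return chosen

if __name__ == "__main__":
    for level in (0, 7):
        print(level, probes_sent(parse_probes(SAMPLE_PROBES), "TCP", 27036, level))
```

At intensity 0 the SSLSessionReq probe is no longer eligible for port 27036, which is why the service fingerprint becomes visible in the exchange above.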