Nmap Development mailing list archives
Re: Evaluation of fingerprint
From: Parth Thumar <parththumar1994 () gmail com>
Date: Tue, 15 Mar 2016 21:54:24 +0530
Hi all, I'm unable to understand a bug and how to evaluate a help will be appreciated!! How to understand any bug? Is there any language because i have gone through github's bug and was unable to understand, so please give me some basic level bug to solve. On Mon, Mar 7, 2016 at 5:48 AM, Daniel Miller <bonsaiviking () gmail com> wrote:
Parth, This service is Adobe Flash socket policy file ( https://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html). Since Nmap 6.49BETA1, Nmap has detected this as a softmatch, meaning that the service name will be populated but the service fingerprint will still be shown. Because of your email, I have added facebook's particular response as a hard match in r35661 (dev) so that the fingerprint will not be printed in the future. I encourage you to upgrade to the latest stable version, 7.01. Dan On Sun, Mar 6, 2016 at 8:36 AM, Parth Thumar <parththumar1994 () gmail com> wrote:Hi all, I have scanned the ip 31.13.79.220(www.facebook.com) through zenmap and i got this fingerprint which is on port 843-tcp and open but unknown. SF-Port843-TCP:V=6.47%I=7%D=3/6%Time=56DC3AE4%P=i686-pc-windows-windows%r( SF:NULL,126,"<\?xml\x20version=\"1\.0\"\?>\r\n<!DOCTYPE\x20cross-domain-po SF:licy\x20SYSTEM\x20\"http://www \.adobe\.com/xml/dtds/cross-domain-policy SF:\.dtd\">\r\n<cross-domain-policy>\r\n\x20<site-control\x20permitted-cro SF:ss-domain-policies=\"master-only\"/>\r\n\x20<allow-access-from\x20domai SF:n=\"www\.facebook\.com\"\x20to-ports=\"443\"\x20/>\r\n</cross-domain-po SF:licy>\r\n")%r(GetRequest,126,"<\?xml\x20version=\"1\.0\"\?>\r\n<!DOCTYP SF:E\x20cross-domain-policy\x20SYSTEM\x20\"http://www \.adobe\.com/xml/dtds SF:/cross-domain-policy\.dtd\">\r\n<cross-domain-policy>\r\n\x20<site-cont SF:rol\x20permitted-cross-domain-policies=\"master-only\"/>\r\n\x20<allow- SF:access-from\x20domain=\"www\.facebook\.com\"\x20to-ports=\"443\"\x20/>\ SF:r\n</cross-domain-policy>\r\n")%r(HTTPOptions,126,"<\?xml\x20version=\" SF:1\.0\"\?>\r\n<!DOCTYPE\x20cross-domain-policy\x20SYSTEM\x20\" http://www SF:\.adobe\.com/xml/dtds/cross-domain-policy\.dtd\">\r\n<cross-domain-poli SF:cy>\r\n\x20<site-control\x20permitted-cross-domain-policies=\"master-on SF:ly\"/>\r\n\x20<allow-access-from\x20domain=\"www\.facebook\.com\"\x20to SF:-ports=\"443\"\x20/>\r\n</cross-domain-policy>\r\n")%r(RPCCheck,126,"<\ SF:?xml\x20version=\"1\.0\"\?>\r\n<!DOCTYPE\x20cross-domain-policy\x20SYST SF:EM\x20\"http://www \.adobe\.com/xml/dtds/cross-domain-policy\.dtd\">\r\n SF:<cross-domain-policy>\r\n\x20<site-control\x20permitted-cross-domain-po SF:licies=\"master-only\"/>\r\n\x20<allow-access-from\x20domain=\"www\.fac SF:ebook\.com\"\x20to-ports=\"443\"\x20/>\r\n</cross-domain-policy>\r\n")% SF:r(DNSStatusRequest,126,"<\?xml\x20version=\"1\.0\"\?>\r\n<!DOCTYPE\x20c SF:ross-domain-policy\x20SYSTEM\x20\"http://www \.adobe\.com/xml/dtds/cross SF:-domain-policy\.dtd\">\r\n<cross-domain-policy>\r\n\x20<site-control\x2 SF:0permitted-cross-domain-policies=\"master-only\"/>\r\n\x20<allow-access SF:-from\x20domain=\"www\.facebook\.com\"\x20to-ports=\"443\"\x20/>\r\n</c SF:ross-domain-policy>\r\n")%r(Help,126,"<\?xml\x20version=\"1\.0\"\?>\r\n SF:<!DOCTYPE\x20cross-domain-policy\x20SYSTEM\x20\"http://www \.adobe\.com/ SF:xml/dtds/cross-domain-policy\.dtd\">\r\n<cross-domain-policy>\r\n\x20<s SF:ite-control\x20permitted-cross-domain-policies=\"master-only\"/>\r\n\x2 SF:0<allow-access-from\x20domain=\"www\.facebook\.com\"\x20to-ports=\"443\ SF:"\x20/>\r\n</cross-domain-policy>\r\n"); So i want know what this script means and how nmap is able to obtain this script? _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Evaluation of fingerprint Parth Thumar (Mar 06)
- Re: Evaluation of fingerprint Daniel Miller (Mar 06)
- Re: Evaluation of fingerprint Parth Thumar (Mar 15)
- Re: Evaluation of fingerprint Daniel Miller (Mar 06)