Nmap Development mailing list archives

Re: [NSE] Script Submission: NoMachine Version Enumeration


From: NMap User1 <jcacak () gdssecurity com>
Date: Thu, 19 Jan 2017 12:35:37 -0500

Hi Dan,

No, the service does not respond to any existing probes. It only responds when a proper client version handshake packet is sent, hence this script.

As an example, below is the output from 'nmap --version-all -sV -p4000 1.2.3.4':
Host is up (0.00046s latency).
PORT      STATE SERVICE VERSION
4000/tcp open  unknown

Thanks,
-J


On 01/19/2017 11:35 AM, Daniel Miller wrote:
Justin,

Thanks so much for this script! It looks like this could be converted pretty easily to a version scan probe and match line. Does the service not respond to any existing probes? What is the output of nmap --version-all -sV -p4000 1.2.3.4? If we can reuse an existing probe and just add match lines, that would be great. Otherwise I will go ahead and add the probe to the nmap-service-probes file.

Dan

On Thu, Jan 19, 2017 at 10:00 AM, nmap user <nmapuser1 () gmail com> wrote:

    Hello,

    NoMachine is a popular cross-platform remote desktop solution.
    Attached is an NSE implementation to fingerprint/enumerate version
    details from a NoMachine Network Server.  By sending a crafted
    packet declaring the client version, the server will respond with
    the version of nxd.

    Example Output:
    #nmap -sV -p4000 --script nomachine-info 1.2.3.4

    Nmap scan report for 1.2.3.4
    Host is up (0.0035s latency).
    PORT     STATE SERVICE   VERSION
    4000/tcp open  nomachine NoMachine Network Server (nxd)
    | nomachine-info:
    |_  Version: NXD-5.1.26

    Thanks,
    -J

    _______________________________________________
    Sent through the dev mailing list
    https://nmap.org/mailman/listinfo/dev
    Archived at http://seclists.org/nmap-dev/


