Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Version detection of Ldap Service using nmap
From: "Anil Kumar D.K" <anil.dk () eximsoft com>
Date: Fri, 5 Dec 2003 10:48:37 +0530

Hi all,

I am trying to find version of ldap service using nmap.

nmap 10.10.40.223 -p389 -A

For Microsoft Active directory, I am getting the right information. (As the match string already exists in 
nmap-service-probes file)

I would like to find version of ldap service of the following vendors
Critical Path Directory Service 4.2
Siemens Directory DirX 6.0

For Critical Path Directory Service 4.2, I got the service finger print as below

D:\nmap-3.48>nmap 10.10.40.223 -p1702 -A
Starting nmap 3.48 ( http://www.insecure.org/nmap ) at 2003-12-05 10:35 India Standard Time
Warning:  OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Interesting ports on EWSMC280 (10.10.40.223):
PORT     STATE SERVICE VERSION
1702/tcp open  unknown
1 service unrecognized despite returning data. If you know the service/version,please submit the following fingerprint 
at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port1702-TCP:V=3.48%D=12/5%Time=3FD01237%r(LDAPBindReq,E,"0\x0c\x02\x01
SF:\x01a\x07\n\x01\0\x04\0\x04\0");
Device type: general purpose
Running: Microsoft Windows 95/98/ME|NT/2K/XP
OS details: Microsoft Windows Millennium Edition (Me), Windows 2000 Professional
 or Advanced Server, or Windows XP

Nmap run completed -- 1 IP address (1 host up) scanned in 13.570 seconds

I have submitted the fingerprint to http://www.insecure.org/cgi-bin/servicefp-submit.cgi
I tried to use the match string "0\x0c\x02\x01\x01a\x07\n\x01\0\x04\0\x04\0" in the nmap-service-probes for Ldap service
But this string matches even for openLDAP 1.4.x

Is there any way to get a unique string for each ldap product?
Any help will be really appreciated.

Regards,
Anil

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault