Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [PATCH] Always list SSL in case any SSL connection succeeded
From: Kristof Boeynaems <kristof.boeynaems () gmail com>
Date: Sun, 22 Feb 2009 08:39:41 +0100

Kristof Boeynaems wrote:
Hi All,

A quick patch for the 'bug' described in http://seclists.org/nmap-dev/2009/q1/0484.html.


I was a bit too quick in submitting the above patch. It will not print out any new fingerprint in the SSL case.

Attached an improved patch that fixes that issue.

Cheers,

Kristof

diff -urNb nmap-4.85BETA3/service_scan.cc nmap-4.85BETA3_always_print_ssl/service_scan.cc
--- nmap-4.85BETA3/service_scan.cc      2008-12-04 18:04:48.000000000 +0100
+++ nmap-4.85BETA3_always_print_ssl/service_scan.cc     2009-02-22 08:38:17.000000000 +0100
@@ -2310,6 +2310,22 @@
                                          *(*svc)->devicetype_matched? (*svc)->devicetype_matched : NULL, 
                                          shouldWePrintFingerprint(*svc) ? (*svc)->getServiceFingerprint(NULL) : NULL);
    }  else {
+     if ((*svc)->tunnel != SERVICE_TUNNEL_NONE){
+        /* Always print SSL tunnel, if we detected such a tunnel */
+        assert((*svc)->tunnel == SERVICE_TUNNEL_SSL);
+
+        (*svc)->port->setServiceProbeResults((*svc)->probe_state,
+                                          (*svc)->probe_matched,
+                                          (*svc)->tunnel,
+                                          *(*svc)->product_matched? (*svc)->product_matched : NULL,
+                                          *(*svc)->version_matched? (*svc)->version_matched : NULL,
+                                          *(*svc)->extrainfo_matched? (*svc)->extrainfo_matched : NULL,
+                                          *(*svc)->hostname_matched? (*svc)->hostname_matched : NULL,
+                                          *(*svc)->ostype_matched? (*svc)->ostype_matched : NULL,
+                                          *(*svc)->devicetype_matched? (*svc)->devicetype_matched : NULL,
+                                          shouldWePrintFingerprint(*svc) ? (*svc)->getServiceFingerprint(NULL) : NULL);
+     }
+     /* Print new fingerprint if found */
      if ((*svc)->getServiceFingerprint(NULL))
        (*svc)->port->setServiceProbeResults((*svc)->probe_state, NULL,
                                            (*svc)->tunnel, NULL, NULL, NULL, NULL, NULL, NULL,

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]