Home page logo

nmap-dev logo Nmap Development mailing list archives

Request: encrypted BitTorrent version script
From: David Fifield <david () bamsoftware com>
Date: Wed, 30 Dec 2009 20:31:41 -0700

Hi all,

I'm just about finished integrating service fingerprint submissions from
the past year. There were a lot of submissions for a protocol that I was
unable to make an entry for: encrypted BitTorrent. Wikipedia has an
article: http://en.wikipedia.org/wiki/BitTorrent_protocol_encryption.

The SMBProgNeg probe seems to get a response from client programs like
Deluge, Transmission, ktorrent, and others. The listening port tends to
be a random high-numbered port.

We have the skypev2-version.nse that can detect another encrypted
protocol. Even if we had a similar script for BitTorrent, one that said
"this is encrypted BitTorrent" and nothing else, that would be good. But
as this protocol is presumably documented, maybe we can do a real
protocol negotiation and learn more.

David Fifield
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • Request: encrypted BitTorrent version script David Fifield (Dec 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]