Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Minecraft "Insecure Mode" Detection Script
From: Ron <ron () skullsecurity net>
Date: Thu, 13 Jan 2011 13:13:02 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 11 Jan 2011 23:48:04 -0800 Fyodor <fyodor () insecure org> wrote:
On Tue, Jan 11, 2011 at 10:04:16AM +0200, Toni Ruottu wrote:

As for extracting more information, I had my go at implementing the
protocol in greater detail. It is doable, but not that easy. The
protocol is very verbose, so getting the interesting information
requires bypassing lots of uninteresting stuff. That would not be so
much of a problem, but skipping a frame requires parsing it to
figure out how big it is based on the frame type, but also some
information stored in the payload.

Thanks for the details!  For now I think we should leave
minecraft-auth out of Nmap proper, and let users who want it get it
from http://seclists.org/nmap-dev/2010/q4/729.  We can revisit that if
we see a lot of demand from users to have it integrated, or if it is
expanded to obtain more information from the Minecraft server.

I personally think that unless it's big, noisy, slow, or pointless, it should be included. 

Somebody doing a vulnerability scan of their network might see no vulnerabilities, even though this vulnerability 
exists. 

Ron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)

iEYEARECAAYFAk0vTsQACgkQ2t2zxlt4g/QmjgCfVOhUgyCWeFMTcelIl61LbMS2
PbMAoKq5z+N8Y70m3VeBNV9/BFxdc9g6
=QILt
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]