Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: named probes
From: Martin Holst Swende <martin () swende se>
Date: Tue, 22 Feb 2011 19:50:03 +0100

On 02/22/2011 02:47 PM, Patrik Karlsson wrote:
Hi all,

I recently mentioned an idea, in one of many mssql mails, about implementing named probes.
I'm starting a new thread regarding this idea incase someone missed it in between all the mssql stuff.

What I would like to achieve is to address the problem that the "force patch" attempts to solve, but in a slightly 
different way.
By adding support for running one or more probes by name, one could target a number of ports and only run the probes 
specified on the command line in order to do a very quick fingerprint.
Instead of forcing scripts to run against each open port, the scripts would only run if the services were properly 
detected as the targeted ones.

The following example attempts to detect ms-sql or oracle servers running in the following port spans 1433-1500 and 
1521-1600.
Once detected the correct brute script will be launched against the service.
nmap -sV -p 1433-1500,1521-1600 1.2.3.4 --probes ms-sql-s,oracle-tns --script oracle-brute,ms-sql-brute

The following example attempts to fingerprint any http-servers running on the ports 80,443 or 8080, 8443.
For each detected http-server the http-title script is executed
nmap -sV -p 80,443,8080,8433 --probes GetRequest --script http-title
That's a great idea, I'm all for it!
/Martin


//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • named probes Patrik Karlsson (Feb 22)
    • Re: named probes Martin Holst Swende (Feb 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault