Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] iPhoto DPAP support
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 26 Feb 2011 17:25:49 +0100

On Feb 24, 2011, at 20:57 , David Fifield wrote:

On Mon, Jan 24, 2011 at 10:40:11PM +0100, Patrik Karlsson wrote:

I've added a probe to detect a shared iPhoto library. It prints the
iPhoto version and the name of the shared library.

It looks good, go ahead and commit it.

Does iPhoto return anything useful for GetRequest? Does this probe work
against dmapd (http://www.flyn.org/projects/dmapd/)?

The GetRequest returns a "bad request" response along with the version.
I tried to install dmapd on one of my Ubuntu boxes but gave up after a while, so I don't know if the probe works 
against dmapd or not.

While at it I created a script that attempts to guess password against
the service.

I suppose that since we have the version probe the portrule should match
"apple-iphoto" as well. Also, should the actual port number be
substituted in place of 8770 here?
               local data = "GET dpap://%s:8770/login HTTP/1.1\r\n" ..
You can commit this script as well.

I've updated the script according to your suggestions and committed everything as r22392.
Thanks for the feedback!

David Fifield

Patrik Karlsson

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]