Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Minecraft "Insecure Mode" Detection Script
From: Fyodor <fyodor () insecure org>
Date: Tue, 11 Jan 2011 23:48:04 -0800

On Tue, Jan 11, 2011 at 10:04:16AM +0200, Toni Ruottu wrote:

As for extracting more information, I had my go at implementing the
protocol in greater detail. It is doable, but not that easy. The
protocol is very verbose, so getting the interesting information
requires bypassing lots of uninteresting stuff. That would not be so
much of a problem, but skipping a frame requires parsing it to figure
out how big it is based on the frame type, but also some information
stored in the payload.

Thanks for the details!  For now I think we should leave
minecraft-auth out of Nmap proper, and let users who want it get it
from http://seclists.org/nmap-dev/2010/q4/729.  We can revisit that if
we see a lot of demand from users to have it integrated, or if it is
expanded to obtain more information from the Minecraft server.

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]