Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Services matched by script--show a service fingerprint?
From: David Fifield <david () bamsoftware com>
Date: Sat, 2 Apr 2011 18:33:37 -0700

On Sun, Apr 03, 2011 at 03:34:38AM +0530, ambarisha b wrote:
Hi,

I have looked into this, but as far as I could read, it should be
working as intended i.e if there is a match in the scripts, the
fingerprint doesn't get displayed.From the code, when we run a service
probe against a port , we're saving the results(if any) using the
setServiceProbeResults() whose last parameter is the fingerprint.If
the fingerprint wasn't properly matched we're passing it on to the
setServiceProbeResults() otherwise we just pass NULL which means the
fingerprint wouldn't be displayed as it was matched..So,what is
currently happening,in this particular case, is that service_scan will
set the fingerprint for the port.But after that when the
skype2-version.nse script is run , it will try to set what it has
found for the port.If there is a match it will pass the fingerprint
argument as NULL which will overwrite the previously set
fingerprint.Finally, we wouldn't be printing the fingerprint and there
shouldn't be a problem.

You know what, I think you're right. I made a mistake when I read the
screenshot at http://seclists.org/nmap-dev/2011/q1/1014. Port 443 was
correctly identified as Skype, but the fingerprint was being printed for
port 80, not port 443. The skypev2-version script must have failed on
port 80.

So, never mind. Thank you for looking into this, Ambarisha.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault