Nmap Development mailing list archives

Re: xmpp.nse
From: Vasiliy Kulikov <segooon () gmail com>
Date: Sun, 22 May 2011 21:24:08 +0400

Hi Henri,

Thank you for the review.

On Sun, May 22, 2011 at 18:52 +0200, Henri Doreau wrote:
> My first concern is about the maintainability of the script. That
> would probably make sense to split part of it into a XMPP library (see
> nselib/*.lua for the existing ones) and a fingerprint file...

Fingerprint file - like http-fingerprints?  OK.

> On the other hand it is also fine to have everything in a single
> script as it's our only XMPP related NSE but I'm afraid it might be
> difficult to update/maintain.

I'm planning to add xmpp-brute (almost like pop3-brute),
xmpp-service-discovery (sending service discovery queries to XMPP
entities and parsing responses, needs working login:password pair),
enhance ssl-cert for XMPP, so, yes, I'll divide the script :)

> When testing the script against jabber.ccc.de I got the following output:
> """
> Host is up (0.043s latency).
> PORT     STATE SERVICE
> 5222/tcp open  xmpp-client
> | xmpp:
> |     XMPP
> |       lang: en
> |       v1.0
> |     features
> |       In-Band Registration
> |       TLS
> |     capabilities
> |       node: http://www.process-one.net/en/ejabberd/
> |       ver: o8zQAtrb2wELMmZizvbnpvqp5cE=
> |     AUTH MECHANISMS (2)
> |       PLAIN
> |       DIGEST-MD5
> |     Unknown features (please report about it on nmap-dev@)
> |       c
> |_  Respects server name
> """
> I guess that this "c" tag shouldn't end there... Am I wrong?

Yep, a bug, already fixed in unpublished version (with other "undefined"
features).

BTW, maybe I'll completely remove "capabilities" output section as all
node & ver info is already formatted as server version info & features,
respectively.  I'll re-study RFC and realize whether it makes sense.

> It would also be nice to get around the TODO points... What about
> defining a "policy" to react consistently against these unexpected
> replies?

I'm afraid I don't understand you.  Isn't the reference to nmap-dev@
in output sufficient?

Thanks,

-- 
Vasiliy
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
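The exchange above concerns how the script classifies the children of the server's <stream:features/> element, and the stray "c" entry under "Unknown features" is the XEP-0115 entity-capabilities element (<c xmlns='http://jabber.org/protocol/caps'/>) not being recognised. The following is an added illustration, not the xmpp.nse script from this thread nor part of Nmap's nselib: a small pure-Lua classifier that maps feature element names to labels, pulls SASL mechanisms and caps node/ver out separately, and collects anything it does not recognise into an "unknown" list. The KNOWN_FEATURES table, the helper names and the sample server reply are all constructed here; the node and ver values in the sample are the ones quoted in the output above.

```lua
-- Added example: classify <stream:features/> children the way the
-- output in the thread groups them.  Uses only Lua string patterns so
-- it runs outside Nmap (the real script would use nselib helpers).

-- Assumed mapping from element name to a human-readable label; this is
-- a constructed stand-in for the fingerprint file discussed above.
local KNOWN_FEATURES = {
  starttls    = "TLS",
  register    = "In-Band Registration",
  bind        = "Resource Binding",
  session     = "Session",
  compression = "Stream Compression",
}

local CAPS_NS = "http://jabber.org/protocol/caps"   -- XEP-0115

-- Constructed sample reply in the shape an ejabberd server sends.
local SAMPLE = [[
<stream:features>
  <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
  <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
    <mechanism>PLAIN</mechanism>
    <mechanism>DIGEST-MD5</mechanism>
  </mechanisms>
  <c xmlns='http://jabber.org/protocol/caps' hash='sha-1'
     node='http://www.process-one.net/en/ejabberd/'
     ver='o8zQAtrb2wELMmZizvbnpvqp5cE='/>
  <register xmlns='http://jabber.org/features/iq-register'/>
  <frobnicate xmlns='urn:example:unknown'/>
</stream:features>
]]

-- Inner XML of the features element, or nil if it is absent.
local function features_body(xml)
  return xml:match("<stream:features>(.-)</stream:features>")
end

-- Value of a single attribute from the raw attribute string.
local function attr(attrs, key)
  return attrs:match(key .. "=['\"]([^'\"]*)['\"]")
end

-- Iterator over the top-level children of the features body.
-- Yields (name, attrs, inner); inner is nil for self-closing tags.
local function children(body)
  local pos = 1
  return function()
    local s, e, name, attrs, slash = body:find("<([%w:%-]+)([^>]-)(/?)>", pos)
    if not s then return nil end
    pos = e + 1
    if slash == "/" then return name, attrs, nil end
    -- Paired form: consume up to the matching close tag.
    local cs, ce, inner = body:find("(.-)</" .. name .. ">", pos)
    if cs then pos = ce + 1 end
    return name, attrs, inner
  end
end

-- Sort children into features, SASL mechanisms, caps and unknowns.
local function classify(xml)
  local body = features_body(xml)
  if not body then return nil, "no <stream:features> element" end
  local r = { features = {}, mechanisms = {}, unknown = {} }
  for name, attrs, inner in children(body) do
    if name == "mechanisms" and inner then
      for m in inner:gmatch("<mechanism>([^<]+)</mechanism>") do
        r.mechanisms[#r.mechanisms + 1] = m
      end
    elseif name == "c" and attr(attrs, "xmlns") == CAPS_NS then
      r.caps = { node = attr(attrs, "node"), ver = attr(attrs, "ver") }
    elseif KNOWN_FEATURES[name] then
      r.features[#r.features + 1] = KNOWN_FEATURES[name]
    else
      -- Keep the namespace so a report to the list is actionable.
      r.unknown[#r.unknown + 1] =
        name .. " (" .. (attr(attrs, "xmlns") or "no namespace") .. ")"
    end
  end
  return r
end

local r, err = classify(SAMPLE)
if not r then error(err) end
print("features:   " .. table.concat(r.features, ", "))
print("mechanisms: " .. table.concat(r.mechanisms, ", "))
if r.caps then print("caps node:  " .. r.caps.node .. "  ver: " .. r.caps.ver) end
print("unknown:    " .. table.concat(r.unknown, ", "))
```

Run with a standalone Lua 5.x interpreter; the caps element lands under "caps" rather than "unknown", and the only unknown entry is the constructed <frobnicate/> element, reported together with its namespace so that the "please report on nmap-dev@" policy in the output yields enough detail to extend the table.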

