Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: new script: openlookup-info
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sat, 28 May 2011 17:44:49 +0300

OpenLookup was developed as a drop-in replacement for now discontinued
OpenDHT. I assume that many projects that were using OpenDHT as a
discovery service moved to OpenLookup. I do not have a good picture
about how many private instances there are. If we knew how many
projects were using OpenDHT we might get some idea about this. My
pessimistic guess would be not too many, but for all I know there
could be lots.

An OpenLookup server can be configured to synchronize their contents
with an other OpenLookup server. This is done by connecting to the
sync service on one server, and exchanging contents over that
connection. In addition to the sync service OpenLookup nodes provide
an another http-based interface for clients. This interface provides
more detailed information about the node, and is accessible with a web

A public OpenLookup "network" is hosted at any.openlookup.net and
lookup.infrahip.net There are two domain names to make sure one
operator can not take over the network. This network has a few actual
nodes, and I am personally running, a few extra nodes for testing
purposes. My nodes are not returned as an answer to a DNS lookup, but
I have connected them to the network as an exercise.

My script works by connecting to the sync service and retrieving the
first NSON message, which contains information about the node. I think
the script would be particularly useful in cases where a firewall
would block access to the http interface. I am also interested in
writing a script that would crawl an OpenLookup network by requesting
connection tables through the http interface. In such cases
openlookup-info would be particularly useful as it could provide some
details for the nodes that have their http interface blocked by
firewall rules.

I did earlier some experiments with scripts, that would gather
information through the http interface and crawl through networked
nodes. Before proceeding with them I'd want to get a better picture of
how the http scanning framework is going to develop. I think there is
going to be a problem with running tons of scripts against each http
server. We might need some generic way of identifying service that are
running on an http server. For crawling we need some support for
adding address/port combinations to scan targets, but that is another


On Sat, May 28, 2011 at 7:57 AM, David Fifield <david () bamsoftware com> wrote:
On Sun, May 22, 2011 at 05:07:39PM +0300, Toni Ruottu wrote:

I wrote an nse script that connects to the sync port of OpenLookup
discovery service, and extracts information from the handshake. You
can try out the script as follows.

nmap -p 5850 --script openlookup-info any.openlookup.net
lookup.infrahip.net javascript0.org

Can you give us some more information about what this protocol does and
how common it is?

David Fifield
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]