Re: [NSE] isakmp aggressive mode and version detection
From: Jesper Kückelhahn <dev.kyckel () gmail com>
Date: Mon, 21 Jan 2013 19:16:18 +0100
Thanks for testing.

I'm sorry that I didn't include instructions for the script and files. I've tried to follow the convention currently
used for file locations, which means that the script assumes that the files 'ike.lua' and 'ike-fingerprints.lua' are
placed in 'nmap/nselib/' and 'nmap/nselib/data/', respectively. I think the error you are seeing is a consequence of
'ike-fingerprints.lua' not being found and loaded correctly.

In my testing I've used the following syntax:

# nmap --script=ike-version -p500 -sUV --version-intensity=0 -dd TARGET

The script uses the same port as an isakmp service is listening on (UDP port 500) for socket:bind, so running an
isakmp service on localhost could be causing some issues? This can be changed in line 332 in 'ike.lua'.

Does this help?

On Jan 21, 2013, at 7:39 AM, David Fifield <david () bamsoftware com> wrote:

> On Sat, Jan 19, 2013 at 04:20:15PM +0100, Jesper Kückelhahn wrote:
> > I've debugged and enhanced this script, so it should be more robust and
> > have better version detection on some systems.
>
> I'm getting this error against a dummy Ncat listener:
>
> $ sudo ncat -l --udp 500 -k --sh-exec "cat > /dev/null"
> $ sudo ./nmap -p 500 -sU localhost --script=ike-version -d
> NSE: ike-version against 127.0.0.1:500 threw an error!
> /home/david/nmap-git/nselib/ike.lua:183: bad argument #1 to 'pairs' (table expected, got nil)
>         [C]: in function 'pairs'
>         /home/david/nmap-git/nselib/ike.lua:183: in function 'lookup'
>         /home/david/nmap-git/nselib/ike.lua:310: in function </home/david/nmap-git/nselib/ike.lua:290>
>         scripts/ike-version.nse:58: in function 'get_version'
>         scripts/ike-version.nse:100: in function <scripts/ike-version.nse:99>
>
> I seem to get the same error when I try to install an IKE listener to
> test against. I tried the Debian packages strongswan-ikev1 (pluto) and
> strongswan-ikev2 (charon), and netstat says they are listening on port
> 500, but I get the same error as above. What do you recommend testing

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
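
The traceback quoted above ends with `pairs` receiving nil inside `lookup`, which the reply attributes to 'ike-fingerprints.lua' not being found and loaded. The following Lua is an added example, not part of the thread and not the posted ike.lua: it shows a data-file loader that reports a missing or malformed fingerprint file instead of passing nil on to `pairs`. The function bodies, the file format and the `vendor`/`vid` fields are assumptions made for illustration.

```lua
-- Added example: hypothetical loader, not the code in nselib/ike.lua.
-- The fingerprint fields (vendor, vid) and sample values are constructed.

-- Load a Lua data file that is expected to return a table of fingerprints.
-- Returns the table, or nil plus a reason; it never raises.
local function load_fingerprints(path)
  local chunk, err = loadfile(path)
  if not chunk then
    return nil, "cannot load fingerprint file: " .. tostring(err)
  end
  local ok, data = pcall(chunk)
  if not ok then
    return nil, "fingerprint file raised an error: " .. tostring(data)
  end
  if type(data) ~= "table" then
    return nil, "fingerprint file returned " .. type(data) .. ", expected table"
  end
  return data
end

-- Match a vendor ID against the table; a nil table is reported, not iterated.
local function lookup(fingerprints, vid)
  if type(fingerprints) ~= "table" then
    return nil, "no fingerprints loaded"
  end
  for _, fp in pairs(fingerprints) do
    if fp.vid == vid then
      return fp.vendor
    end
  end
  return nil, "no match"
end

-- Constructed sample data, written to a temporary file so this runs offline.
local tmp = os.tmpname()
local f = assert(io.open(tmp, "w"))
f:write('return { { vendor = "ExampleVendor", vid = "0011223344" } }\n')
f:close()

-- File present: the lookup returns the matching vendor.
print(lookup(load_fingerprints(tmp), "0011223344"))

-- File absent: the loader explains why, and lookup degrades cleanly.
local missing, why = load_fingerprints(tmp .. ".does-not-exist")
print(missing, why)
print(lookup(missing, "0011223344"))
os.remove(tmp)
```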