Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Add port service to nmap.
From: Antonio Vázquez Blanco <antoniovazquezblanco () gmail com>
Date: Mon, 10 Jun 2013 14:03:44 +0200

There's no service fingerprint.

sudo nmap -sV 192.168.2.1 -p31727

Starting Nmap 6.25 ( http://nmap.org ) at 2013-06-10 13:57 CEST
Nmap scan report for 192.168.2.1
Host is up (0.00064s latency).
PORT      STATE SERVICE VERSION
31727/tcp open  unknown
MAC Address: 00:80:5A:4B:0F:13 (Tulip Computers Internat'l B.V)

Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.30 seconds

What can be done?


2013/6/6 Antonio Vázquez Blanco <antoniovazquezblanco () gmail com>

Diagd service runs by default in 31727 but this can be changed. I can't
capture the service fingerprint now but I will try next week.

Thanks.


2013/6/6 David Fifield <david () bamsoftware com>

On Wed, Jun 05, 2013 at 11:56:47PM +0200, Antonio Vázquez Blanco wrote:
I've been trying to find some security holes in a conceptronic access
point. One of the things I've first done was port scanning. Nmap
reported
that port 31727/tcp was open but uknown service was running on it. After
some research I could access to uart logs of the device, showing the
following:

********** run Diagd **********
setting: port: 31727
running in daemon mode

which seems to be a diagnostic tool used in some embedded devices.

Please try scanning the device again, and use the -sV option to see if
you get a service fingerprint. If so, then submit it at
http://insecure.org/cgi-bin/servicefp-submit.cgi.

I don't see port 31727 in the IANA port name list at

http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt
.
Does this service always run on port 31727, or can it be different? If
it can be different, we're better off with a service fingerprint.

I guess the service name would be "diagd". Do you know anything else
about the service?

David Fifield



_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]