Nmap Development mailing list archives

Re: quake-server-info.nse
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 07 Mar 2014 11:16:44 -0600

On 03/06/2014 05:45 PM, Ulrik Haugen wrote:
> I've changed the portrule too. On this subject though, is there a way to
> run a script on another set of ports except changing its portrule?

There are a couple of options. First, you can force a script to run regardless of its portrule by prepending "+" to the script name in your command: nmap --script +quake1-info

Second, you can check lots of things in the portrule, not just the port version information. It's usually best to not send packets in the portrule, and to keep it relatively short, but pretty much anything else is possible. This might include more ports.

Lastly, you can run with version detection. With the new probe and match, it is possible that odd ports will show up as "quake" and be run with the current portrule. However, because the rarity is set to 9 and the ports to 26000-26004, you would need to run version detection with --version-intensity 9 (a.k.a. --version-all) to actually send the probe to ports other than 26000-26004.

> Updated version attached.
>
> Best regards
> /Ulrik Haugen

Thanks! With a couple minor changes (2-space indent, more detailed description, rename baf to ratio), I committed this in r32775. I took the liberty of renaming the script to quake1-info, to match the existing quake3-info script name. You can see your credit in the CHANGELOG as well:

o [NSE] Add quake1-info script for retrieving server and player information
  from Quake 1 game servers. Reports potential DoS amplification factor.
  [Ulrik Haugen]

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
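
The second option in the reply above (a portrule that checks more than the version information and covers more ports), written out as an added example; it is not code from the original message or from the committed quake1-info script. The script name quake1-ports-demo and its ports argument are hypothetical, and the action is a placeholder that sends nothing.

```lua
-- Added example: hypothetical script "quake1-ports-demo", not quake1-info.
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Demonstrates a portrule that matches the Quake 1 default UDP ports, any port
version detection labelled "quake", and extra ports given as a script argument.
Sends no packets.
]]
author = "example"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"safe", "discovery"}

-- Ports and service name taken from the message: 26000-26004/udp, "quake".
local default_rule = shortport.port_or_service(
  {26000, 26001, 26002, 26003, 26004}, "quake", "udp")

-- Hypothetical argument quake1-ports-demo.ports: one port ("27500") or a
-- table ("{27500,27501}"). Parsed once at load time, not once per port.
local extra = {}
local function add(value)
  local n = tonumber(value)
  if n and n >= 1 and n <= 65535 then extra[n] = true end
end
local ports_arg = stdnse.get_script_args(SCRIPT_NAME .. ".ports")
if type(ports_arg) == "table" then
  for _, v in ipairs(ports_arg) do add(v) end
elseif ports_arg ~= nil then
  add(ports_arg)
end

-- Table lookups only: nothing is sent from the portrule.
portrule = function(host, port)
  if default_rule(host, port) then return true end
  if port.protocol ~= "udp" or not extra[port.number] then return false end
  return port.state == "open" or port.state == "open|filtered"
end

-- Placeholder action; a real script would query the server here.
action = function(host, port)
  return ("portrule matched %d/%s (service: %s)"):format(
    port.number, port.protocol, port.service or "unknown")
end
```

The extra ports are only considered if they are part of the UDP scan itself, for example with -sU and a -p list that includes them.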
