Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: quake-server-info.nse
From: Ulrik Haugen <qha () lysator liu se>
Date: Sat, 08 Mar 2014 00:28:00 +0100

Daniel Miller <bonsaiviking () gmail com> wrote:
On 03/06/2014 05:45 PM, Ulrik Haugen wrote:
I've changed the portrule too. On this subject though, is there a way to
run a script on another set of ports except changing its portrule?

There are a couple of options. First, you can force a script to run
regardless of its portrule by prepending "+" to the script name in
your command: nmap --script +quake1-info

Second, you can check lots of things in the portrule, not just the
port version information. It's usually best to not send packets in the
portrule, and to keep it relatively short, but pretty much anything
else is possible. This might include more ports.

Lastly, you can run with version detection. With the new probe and
match, it is possible that odd ports will show up as "quake" and be
run with the current portrule. However, because the rarity is set to 9
and the ports to 26000-26004, you would need to run version detection
with --version-intensity 9 (a.k.a. --version-all) to actually send the
probe to ports other than 26000-26004.

Oh, i see! I thought there had to be a better reason for including the
service name in the port rule than what i wrote in the comment for it.

Updated version attached.

Thanks! With a couple minor changes (2-space indent, more detailed
description, rename baf to ratio),

Excellent, i was never very happy with baf but for some reason it never
crossed my mind to find something better for that particular annoyance.

I committed this in r32775. I took the liberty of renaming the script
to quake1-info, to match the existing quake3-info script name. You can
see your credit in the CHANGELOG as well:

o [NSE] Add quake1-info script for retrieving server and player information
  from Quake 1 game servers. Reports potential DoS amplification factor.
  [Ulrik Haugen]

I'm very pleased to see this!

Best regards
/Ulrik Haugen
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]