Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: SSTP information script
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 15 Jan 2014 09:50:10 -0600

On 01/14/2014 06:09 PM, Niklaus Schiess wrote:
Hi,

this is a slightly modified version of a script i submitted a while ago.
It checks if the Secure Socket Tunneling Protocol
(http://msdn.microsoft.com/en-us/library/cc247338.aspx) is supported for
a given host. Further information as well as SSTP enabled testing hosts
are included in the script description.

Let me know if there are any issues with the script.

Regards,
Niklaus Schiess
Niklaus,

Thanks for resubmitting this. Sorry your previous submission fell through the cracks! When we spoke about this script over IRC, we discussed switching to using the http.generic_request function instead of lower-level socket functions. Did you try that? Was there a reason why you didn't choose that method?

A couple other things that might need cleanup:

1. The portrule is probably too specific at this point. Assuming that you want to check for this on every HTTPS service regardless of port, you probably want something like:

portrule = function(host, port)
  return shortport.http(host, port) and shortport.ssl(host, port)
end

This may be a common enough problem that we should have a special shortport.https function, but I'm not sure.

2. For output keys, we prefer lowercase identifiers (e.g. output.status instead of output.STATUS)

3. We already have a script that grabs the HTTP Date header, and service version detection (-sV) will use the Server header if available. The output of this script could be simply a string, "SSTP is supported." Is there any other useful information in the response to an SSTP probe that is different from what is available in the HTTP probe?

Looking forward to integrating this script.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault