Re: Patch to add "Version scan".

> From: "Jay Freeman (saurik)" <saurik_at_cyberuniverse.com>
> Subject: Patch to add "Version scan".
> To: Nmap-Hackers <nmap-hackers_at_insecure.org>
>
> [Comments/Code about patches to nmap to return version number running ...]
>
> Sincerely,
> Jay Freeman (saurik)
> saurik_at_saurik.com <mailto:saurik_at_saurik.com>

Jay,

Super-duper cool stuff ... I hope this gets rolled into nmap itself!

Note that nmap-web has some (primitive) port querying code ... I've attached
the snippet for port 13, daytime ... which is actually by far the most
complicated since we have to do some misc. date/time parsing - hopefully,
this might be of use to you since this can then be used as an easy way
to check that the time/date is set correctly on machines if the port is open;
good way to insure that your NTP setup is actually working! ;-)

Again, GREAT stuff - I'd love to see this functionality moved into nmap itself.
alek

P.S. nmap-web is at: http://www.komar.org/komar/alek/ -> Misc. Tech Stuff
Feel free, of course, to "canabilize" anything I've done.

#nmap-web: port 13 query ... probably most complicated one! ;-)
sub query_port{
   my ($timeout) = @_;
   my $remote_data;
   my $diff = 999;
   print $socket "";
   $remote_date = get_socket_value($timeout);
   if (/Socket timed out/) {
      $_ = $remote_date;
   } else {
      $diff = &get_diff_seconds($remote_date);
      $_ = sprintf("%5s%s" ,"$diff" , " $remote_date");
   }
   return "$_","$diff";
}

sub get_diff_seconds{
   # CPAN stuff could do this easier for you ...
   # But this is complicated by the fact that you don't know the timezone ...
   my ($remote_date,$rdaytime,$rmday) = @_;
   my ($seconds,$minutes,$hours,$daytime,$mday,$month,$year);
   my ($local_date,$local_sec,$remote_sec,$diff);
   use Time::Local;
   $local_date = localtime;

   # NT adds commands and moves the year around ...
   $remote_date =~ s/\,//g;
   ($_,$_,$rmday,$rdaytime) = split(/\s+/,$remote_date);
   ($_,$_,$_,$rmday,$rdaytime) = split(/\s+/,$remote_date) if ( ! ($rdaytime =~ /\:/));
   ($hours,$minutes,$seconds) = split(/:/,$rdaytime);

   ($_,$_,$_,$mday,$month,$year)=localtime();
   $remote_sec = timelocal($seconds,$minutes,$hours,$mday,$month,$year);

# Giant kludge to work around time zone stuff and testing around midnight ...
   if ( $rmday == $mday ) {
      #NOOP
   } elsif (( $rmday == ($mday+1)) || ( ($rmday == 1) && ( $rmday !=e $mday ))) {
      $remote_sec = $remote_sec + ( 24*60*60);
   } elsif (( $mday == ($rmday+1)) || ( ($mday == 1) && ( $rmday != $mday ))) {
      $remote_sec = $remote_sec - ( 24*60*60);
   } else {
      print "something wierd happening here with timezones ...\n";
      print "local date is $local_date and remote date is $remote_date ...\n";
      print "Let the $author know ... \n";
   }

   ($_,$_,$_,$daytime) = split(/\s+/,$local_date);
   ($hours,$minutes,$seconds) = split(/:/,$daytime);
   ($_,$_,$_,$mday,$month,$year)=localtime();
   $local_sec = timelocal($seconds,$minutes,$hours,$mday,$month,$year);
   $diff = $remote_sec - $local_sec;
# timezone correction - we assume you are at least withen an hour! ;-)
   if (abs($diff) > 3500) {
      $diff = $diff - ( 3600*int(($diff*1.2)/3600));
   }
   return $diff;
}

sub get_socket_value {
   my ($timeout) = @_;
   $SIG{ALRM} = sub { die "timeout" };
   eval {
      alarm ($timeout);
      $_ = <$socket>;
      alarm(0);
   };
   if ( $@ ) {
      if ( $@ =~ /timeout/ ) {
         $_ = "<font color=\"red\">Socket timed out after $timeout seconds</font>";
      } else {
         alarm(0);
         die;
      }
   }
   chomp();
   s/\r//;
   return $_;
}
Received on May 15 2000