Re: [NSE Script] Skype v2 service detection

[Fyodor <fyodor () insecure org>]

On Fri, Aug 18, 2006 at 12:40:21AM -0000, Brandon Enright wrote:
> Here is a NSE/Lua script for detecting if a service is opened by Skype v2.
> This implements the technique discussed last month about probing the service
> with a get request and another random request and comparing answers between
> the two.

Thanks, Brandon!  This, like the RealVNC overflow script you sent
yesterday, looks great!  I think Diman is on a well-earned vacation
right now, but we will incorporate these scripts upon his return in
early September.  With his latest NSE release, I think scripts can
modify the service table so that this skype protocol 2 information can
be output just as if it had been discovered by VD.  In addition, we
will probably tag scripts like this as version detection so they run
automatically when you specify -sV.  Finally, the new runlevel
capability lets you ensure that version detection scripts like this
one run first, so skype interrogation or exploitation scripts can
depend on this skype detection being performed first so they know
which ports to target.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org