Re: afp-serverinfo.nse script

[Matt Selsky <selsky () columbia edu>]

When I scanned with the old version there was a server signature (even though "Server Signature" was No), though now 
that field is missing altogether.

PORT    STATE SERVICE VERSION
548/tcp open  afp     Netatalk 1.6 (name: manchego; protocol 2.2)
| afp-serverinfo:  
|   | Server Flags: 0x807d
|   |   Super Client: No
|   |   UUIDs: Yes
|   |   UTF8 Server Name: No
|   |   Open Directory: Yes
|   |   Reconnect: Yes
|   |   Server Notifications: No
|   |   TCP/IP: No
|   |   Server Signature: No
|   |   ServerMessages: No
|   |   Password Saving Prohibited: No
|   |   Password Changing: No
|   |_  Copy File: No
|   Server Name: manchego
|   Machine Type: unix
|   AFP Versions: AFPVersion 1.1, AFPVersion 2.0, AFPVersion 2.1, AFP2.2
|   UAMs: DHCAST128
|_  Network Address 1: 10.59.59.55
Service Info: OS: Unix


-- 
Matt

On Feb 10, 2010, at 5:46 PM, Andrew Orr wrote:

> Good catch, thanks Matt. UTF8 Server Name and Server Signature are both optional fields, I've updated the script to 
> check if those are included. If you run the updated script on that same machine it shouldn't output the utf8 server 
> name anymore.
>
> I also fixed the null byte bug more properly and fixed a typo.
>
> Attached is a patch to the patched afp.lua, and the revised afp-serverinfo.nse.
>
> Patrik is working on other parts of afp.lua and will commit everything when he's done.
>
> Everything should work now so unless someone can break it, I'll consider this script done. Please do test this if you 
> have access to any weird/old/non-macbook AFP servers though. Thanks!
>
> Cheers,
> -Andrew
>
> On 10-02-10 12:32 AM, Matt Selsky wrote:
> > Thanks, Andrew.  I tested this against netatalk 1.6.4 on Solaris, and the only problem I see if that the "UTF8 
> > Server Name" field is empty.
> >
> > $ ./nmap --datadir=. --script=afp-serverinfo -sV -p 548 manchego
> >
> > Starting Nmap 5.20 ( http://nmap.org ) at 2010-02-10 01:28 EST
> > NSE: Script Scanning completed.
> > Nmap scan report for manchego (10.59.59.55)
> > Host is up (0.016s latency).
> > rDNS record for 10.59.59.55: manchego
> > PORT    STATE SERVICE VERSION
> > 548/tcp open  afp     Netatalk 1.6 (name: manchego; protocol 2.2)
> > | afp-serverinfo:
> > |   | Server Flags: 0x807d
> > |   |   Super Client: No
> > |   |   UUIDs: Yes
> > |   |   UTF8 Server Name: No
> > |   |   Open Directory: Yes
> > |   |   Reconnect: Yes
> > |   |   Server Notifications: No
> > |   |   TCP/IP: No
> > |   |   Server Signature: No
> > |   |   ServerMessages: No
> > |   |   Password Saving Prohibited: No
> > |   |   Password Changing: No
> > |   |_  Copy File: No
> > |   Server Name: manchego
> > |   Machine Type: unix
> > |   AFP Versions: AFPVersion 1.1, AFPVersion 2.0, AFPVersion 2.1, AFP2.2
> > |   UAMs: DHCAST128
> > |   Server Signature: 0xC7341183C7341183C7341183C7341101
> > |   Network Address 1: 10.59.59.55
> > |_  UTF8 Server Name:
> > Service Info: OS: Unix
> >
> > Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
> > Nmap done: 1 IP address (1 host up) scanned in 6.63 seconds
> <afp.lua.patch2><afp-serverinfo.nse>_______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/