Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows

From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 22 Apr 2014 16:20:30 -0400
Kent,

Out of curiosity, does the server respond with plain HTTP on that port as
well telling you that you need to connect using HTTPS?

-Patrik



On Tue, Apr 22, 2014 at 11:58 AM, Kent Fritz <kfritz () wolfman devio us>wrote:


On Tue, Apr 22, 2014 at 06:39:20AM -0500, Daniel Miller wrote:


You can increase the number of ports that will successfully pass the
portrule (as well as possibly rule some out) by using the service version
detection scan, -sV.


This does not work for (at least) Nginx and Apache running SSL on
non-standard
ports.  The -sV detects it as HTTP and does not run the ssl-heartbleed
script.
You have to specify --script +ssl-heartbleed specifically on these ports.

(Please let me know if I'm doing something wrong.)

Thanks,

Kent.
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/





-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
http://www.linkedin.com/in/nevdull77
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: