Index: scripts/amqp-info.nse =================================================================== --- scripts/amqp-info.nse (revision 33212) +++ scripts/amqp-info.nse (working copy) @@ -39,7 +39,7 @@ categories = {"default", "discovery", "safe", "version"} -portrule = shortport.port_or_service(5672, "amqp", "tcp", "open") +portrule = shortport.version_port_or_service(5672, "amqp", "tcp", "open") action = function(host, port) local cli = amqp.AMQP:new( host.ip, port.number ) Index: scripts/enip-info.nse =================================================================== --- scripts/enip-info.nse (revision 33212) +++ scripts/enip-info.nse (working copy) @@ -56,7 +56,7 @@ -- -- -- IANA replaced the historical EtherNet/IP-2 name with EtherNet-IP-2 -portrule = shortport.port_or_service(44818, {"EtherNet-IP-2", "EtherNet/IP-2"}, {"tcp","udp"}) +portrule = shortport.version_port_or_service(44818, {"EtherNet-IP-2", "EtherNet/IP-2"}, {"tcp","udp"}) --- -- Table to look up the Vendor Name based on Vendor ID Index: scripts/http-server-header.nse =================================================================== --- scripts/http-server-header.nse (revision 33212) +++ scripts/http-server-header.nse (working copy) @@ -30,7 +30,7 @@ if type(port.version) == "table" and (port.version.name_confidence > 3 or port.version.product ~= nil) then return false end - return shortport.http(host,port) + return (shortport.http(host,port) and nmap.version_intensity() >= 7) end action = function(host, port) Index: scripts/ike-version.nse =================================================================== --- scripts/ike-version.nse (revision 33212) +++ scripts/ike-version.nse (working copy) @@ -28,7 +28,7 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"default", "discovery", "safe", "version"} -portrule = shortport.port_or_service(500, "isakmp", "udp") +portrule = shortport.version_port_or_service(500, "isakmp", "udp") -- Test different methods for getting version Index: scripts/jdwp-version.nse =================================================================== --- scripts/jdwp-version.nse (revision 33212) +++ scripts/jdwp-version.nse (working copy) @@ -28,6 +28,7 @@ return port.service == "tcpwrapped" and port.protocol == "tcp" and port.state == "open" and not(shortport.port_is_excluded(port.number,port.protocol)) + and nmap.version_intensity() >= 7 end action = function(host, port) Index: scripts/maxdb-info.nse =================================================================== --- scripts/maxdb-info.nse (revision 33212) +++ scripts/maxdb-info.nse (working copy) @@ -35,7 +35,7 @@ categories = { "default", "version" } -portrule = shortport.port_or_service(7210, "maxdb", "tcp") +portrule = shortport.version_port_or_service(7210, "maxdb", "tcp") -- Sends and receive a MaxDB packet -- @param socket already connected to the server Index: scripts/mcafee-epo-agent.nse =================================================================== --- scripts/mcafee-epo-agent.nse (revision 33212) +++ scripts/mcafee-epo-agent.nse (working copy) @@ -31,10 +31,12 @@ portrule = function(host, port) if port.version ~= nil and port.version.product ~= nil then - return (port.version.product:find("[eE][pP]olicy Orch") + return ((port.version.product:find("[eE][pP]olicy Orch") or port.version.product:find("[eE]PO [aA]gent")) + and nmap.version_intensity() >= 7) else - return (port.number == 8081 and port.protocol == "tcp") + return ((port.number == 8081 and port.protocol == "tcp") + and nmap.version_intensity() >= 7) end end Index: scripts/openlookup-info.nse =================================================================== --- scripts/openlookup-info.nse (revision 33212) +++ scripts/openlookup-info.nse (working copy) @@ -28,7 +28,7 @@ categories = {"default", "discovery", "safe", "version"} -portrule = shortport.port_or_service(5850, "openlookup") +portrule = shortport.version_port_or_service(5850, "openlookup") -- Netstring helpers -- http://cr.yp.to/proto/netstrings.txt Index: scripts/quake1-info.nse =================================================================== --- scripts/quake1-info.nse (revision 33212) +++ scripts/quake1-info.nse (working copy) @@ -74,6 +74,7 @@ and port.protocol == 'udp' and ((26000 <= port.number and port.number <= 26004) or port.service == 'quake') + and nmap.version_intensity() >= 7 end Index: scripts/quake3-info.nse =================================================================== --- scripts/quake3-info.nse (revision 33212) +++ scripts/quake3-info.nse (working copy) @@ -76,7 +76,7 @@ return list end -portrule = shortport.port_or_service(range(27960, 27970), {'quake3'}, 'udp') +portrule = shortport.version_port_or_service(range(27960, 27970), {'quake3'}, 'udp') local function parsefields(data) local fields = {} Index: scripts/rfc868-time.nse =================================================================== --- scripts/rfc868-time.nse (revision 33212) +++ scripts/rfc868-time.nse (working copy) @@ -22,7 +22,7 @@ categories = {"discovery", "safe", "version"} -portrule = shortport.port_or_service(37, "time", {"tcp", "udp"}) +portrule = shortport.version_port_or_service(37, "time", {"tcp", "udp"}) action = function(host, port) local status, result = comm.exchange(host, port, "", {bytes=4, proto=port.protocol}) Index: scripts/rpc-grind.nse =================================================================== --- scripts/rpc-grind.nse (revision 33212) +++ scripts/rpc-grind.nse (working copy) @@ -52,7 +52,7 @@ -- different than rpcbind. return false end - return true + return nmap.version_intensity() >= 7 end --- Function that determines if the target port of host uses RPC protocol. Index: scripts/skypev2-version.nse =================================================================== --- scripts/skypev2-version.nse (revision 33212) +++ scripts/skypev2-version.nse (working copy) @@ -24,6 +24,7 @@ and port.protocol == "tcp" and port.state == "open" and port.version.name_confidence < 10 and not(shortport.port_is_excluded(port.number,port.protocol)) + and nmap.version_intensity() >= 7 end action = function(host, port) Index: scripts/weblogic-t3-info.nse =================================================================== --- scripts/weblogic-t3-info.nse (revision 33212) +++ scripts/weblogic-t3-info.nse (working copy) @@ -10,7 +10,7 @@ portrule = function(host, port) if type(port.version) == "table" and port.version.name_confidence > 3 and port.version.product ~= nil then - return string.find(port.version.product, "WebLogic", 1, true) + return string.find(port.version.product, "WebLogic", 1, true) and nmap.version_intensity() >= 7 end return shortport.version_port_or_service({7001,7002,7003},"http")(host,port) end Index: scripts/xmpp-info.nse =================================================================== --- scripts/xmpp-info.nse (revision 33212) +++ scripts/xmpp-info.nse (working copy) @@ -535,7 +535,7 @@ return both, t1only, t2only end -portrule = shortport.port_or_service({5222, 5269}, {"jabber", "xmpp-client", "xmpp-server"}) +portrule = shortport.version_port_or_service({5222, 5269}, {"jabber", "xmpp-client", "xmpp-server"}) action = function(host, port) local server_name = stdnse.get_script_args("xmpp-info.server_name") or host.targetname or host.name local alt_server_name = stdnse.get_script_args("xmpp-info.alt_server_name") or "."