PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 20:51:30 +00:00
Code Issues Projects Releases Wiki Activity

o [NSE] Applied patch to the ssl-cert script that adds support for getting SSL

Browse Source 
certificates from FTP servers. [Matt Selsky]
This commit is contained in:
patrik
2011-12-06 15:49:36 +00:00
parent 30af606588
commit 0340c7321c
2 changed files with 53 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@@ -1,5 +1,8 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
o [NSE] Applied patch to the ssl-cert script that adds support for getting SSL
certificates from FTP servers. [Matt Selsky]
o [NSE] Added the a Vuze library, port probe and the script vuze-dht-info. The o [NSE] Added the a Vuze library, port probe and the script vuze-dht-info. The
script connects to a Vuze node and gets protocol, vendor and network script connects to a Vuze node and gets protocol, vendor and network
information. [Patrik] information. [Patrik]

50
scripts/ssl-cert.nse
View File

@@ -75,6 +75,55 @@ local date_to_string
local table_find local table_find
local s local s
function ftp_starttls(host, port)
-- Attempt to negotiate TLS over FTP for services that support it
-- Works for FTP (21)
-- Open a standard TCP socket
local status, error = s:connect(host, port, "tcp")
if not status then
return nil
else
-- Loop until the service presents a banner to deal with server
-- load and timing issues. There may be a better way to handle this.
local i = 0
repeat
status, result = s:receive_lines(1)
i = i + 1
until string.match(result, "^220") or i == 5
-- Send AUTH TLS command, ask the service to start encryption
local query = "AUTH TLS\r\n"
status = s:send(query)
status, result = s:receive_lines(1)
if not (string.match(result, "^234")) then
stdnse.print_debug("1","%s",result)
stdnse.print_debug("1","AUTH TLS failed or unavailable. Enable --script-trace to see what is happening.")
-- Send QUIT to clean up server side connection
local query = "QUIT\r\n"
status = s:send(query)
result = ""
return nil
end
-- Service supports AUTH TLS, tell NSE start SSL negotiation
status, error = s:reconnect_ssl()
if not status then
stdnse.print_debug("1","Could not establish SSL session after AUTH TLS command.")
s:close()
return nil
end
end
-- Should have a solid TLS over FTP session now...
return "Connected"
end
function smtp_starttls(host, port) function smtp_starttls(host, port)
-- Attempt to negotiate TLS over SMTP for services that support it -- Attempt to negotiate TLS over SMTP for services that support it
-- Works for SMTP (25) and SMTP Submission (587) -- Works for SMTP (25) and SMTP Submission (587)
@@ -157,6 +206,7 @@ end
-- A table mapping port numbers to specialized SSL negotiation functions. -- A table mapping port numbers to specialized SSL negotiation functions.
local SPECIALIZED_FUNCS = { local SPECIALIZED_FUNCS = {
[21] = ftp_starttls,
[25] = smtp_starttls, [25] = smtp_starttls,
[587] = smtp_starttls, [587] = smtp_starttls,
[5222] = xmpp_starttls, [5222] = xmpp_starttls,