
Allow rpcinfo.nse to set version info

The rpcinfo script can now set version info just like rpc-grind. Since
this requires considerably less traffic than rpc-grind, I made rpc-grind
depend on rpcinfo so that it will avoid running if we can get the
version information this way instead.

Also changed rpcinfo to only run on port 111, not on the "rpcbind" service,
since that is what -sV labels any detected RPC service.
This commit is contained in:
dmiller
2016-03-14 20:42:51 +00:00
parent 5843cd95a4
commit 0bb036cda2
2 changed files with 23 additions and 3 deletions


@@ -1,3 +1,4 @@
local nmap = require "nmap"
local rpc = require "rpc"
local shortport = require "shortport"
local stdnse = require "stdnse"
@@ -77,7 +78,8 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"discovery", "default", "safe"}
portrule = shortport.port_or_service(111, "rpcbind", {"tcp", "udp"} )
-- don't match "rpcbind" because that's what version scan labels any RPC service
portrule = shortport.portnumber(111, {"tcp", "udp"} )
action = function(host, port)
@@ -92,6 +94,22 @@ action = function(host, port)
for progid, v in pairs(rpcinfo) do
xmlout[tostring(progid)] = v
for proto, v2 in pairs(v) do
local nmapport = nmap.get_port_state(host, {number=v2.port, protocol=proto})
if nmapport and (nmapport.state == "open" or nmapport.state == "open|filtered") then
nmapport.version = nmapport.version or {}
-- If we don't already knkow it, or we only know that it's "rpcbind"
if nmapport.service == nil or nmapport.version.service_dtype == "table" or port.service == "rpcbind" then
nmapport.version.name = rpc.Util.ProgNumberToName(progid)
nmapport.version.extrainfo = "RPC #" .. progid
if #v2.version > 1 then
nmapport.version.version = ("%d-%d"):format(v2.version[1], v2.version[#v2.version])
else
nmapport.version.version = tostring(v2.version[1])
end
nmap.set_port_version(host, nmapport, "softmatched")
end
end
table.insert( result, ("%-7d %-10s %5d/%s %s"):format(progid, stdnse.strjoin(",", v2.version), v2.port, proto, rpc.Util.ProgNumberToName(progid) or "") )
end
end
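Review bot: The third condition in `if nmapport.service == nil or nmapport.version.service_dtype == "table" or port.service == "rpcbind" then` tests `port`, the rpcbind port the script is running against, rather than `nmapport`, the port whose version is being set; under -sV `port.service` will usually be "rpcbind", so the guard appears to pass for every open RPC port and overwrites whatever version scan already established there, which is the opposite of what the comment above it describes. Changing it to `nmapport.service == "rpcbind"` matches the comment's intent, and the comment itself has a typo: `-- If we don't already know it, or we only know that it's "rpcbind"`. Separately, `rpc.Util.ProgNumberToName(progid)` is guarded with `or ""` on the `table.insert` line but not where it is assigned to `nmapport.version.name`, so an unknown program number leaves `name` nil when `nmap.set_port_version` is called; consider applying the same fallback or skipping the softmatch when the name is unknown. Note that `v2.port` and `progid` come from the remote host's rpcbind reply, so the open-state check on `nmapport` is what keeps this from labelling ports that were never observed open; keep that guard if this block is reworked. The enclosing `action` function starts outside this hunk.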