PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-17 13:09:02 +00:00
Code Issues Projects Releases Wiki Activity

Add XMPP support to ssl-cert by Vasiliy Kulikov.

Browse Source
This commit is contained in:
david
2011-10-04 19:32:45 +00:00
parent 6e24b934f6
commit 15d0871a5a
3 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG
View File

@@ -1,5 +1,7 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
o [NSE] Added XMPP support to ssl-cert.nse.
o [NSE] Added http-cors by Toni Ruottu. o [NSE] Added http-cors by Toni Ruottu.
o [NSE] Added ganglia-info by Brendan Coles. o [NSE] Added ganglia-info by Brendan Coles.

4
nselib/xmpp.lua
View File

@@ -110,6 +110,7 @@ XMPP = {
-- <code>timeout</code> - sets the socket timeout -- <code>timeout</code> - sets the socket timeout
-- <code>servername</code> - sets the server name to use in -- <code>servername</code> - sets the server name to use in
-- communication with the server. -- communication with the server.
-- <code>starttls</code> - start TLS handshake even if it is optional.
new = function(self, host, port, options) new = function(self, host, port, options)
local o = { host = host, local o = { host = host,
port = port, port = port,
@@ -206,13 +207,14 @@ XMPP = {
return false, "ERROR: Only version 1.0 is supported" return false, "ERROR: Only version 1.0 is supported"
end end
if ( start_tls == "required" ) then if ( start_tls == "required" or self.options.starttls) then
status, err = self:send("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>") status, err = self:send("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>")
if ( not(status) ) then return false, "ERROR: Failed to initiate STARTTLS" end if ( not(status) ) then return false, "ERROR: Failed to initiate STARTTLS" end
local status, tag = self:receive_tag() local status, tag = self:receive_tag()
if ( not(status) ) then return false, "ERROR: Failed to recevice from server" end if ( not(status) ) then return false, "ERROR: Failed to recevice from server" end
if ( tag.name == "proceed" ) then if ( tag.name == "proceed" ) then
status, err = self.socket:reconnect_ssl() status, err = self.socket:reconnect_ssl()
self.options.starttls = false
return self:connect() return self:connect()
end end
end end

24
scripts/ssl-cert.nse
View File

@@ -68,6 +68,7 @@ require("nmap")
require("nsedebug") require("nsedebug")
require("shortport") require("shortport")
require("stdnse") require("stdnse")
require("xmpp")
local stringify_name local stringify_name
local date_to_string local date_to_string
@@ -138,8 +139,29 @@ function smtp_starttls(host, port)
return "Connected" return "Connected"
end end
function xmpp_starttls(host, port)
local ls = xmpp.XMPP:new(host, port, { starttls = true } )
ls.socket = s
ls.socket:set_timeout(ls.options.timeout * 1000)
local status, err = ls.socket:connect(host, port)
if not status then
return nil
end
status, err = ls:connect()
if status then
return "Connected"
end
end
-- A table mapping port numbers to specialized SSL negotiation functions. -- A table mapping port numbers to specialized SSL negotiation functions.
local SPECIALIZED_FUNCS = { [25] = smtp_starttls, [587] = smtp_starttls } local SPECIALIZED_FUNCS = {
[25] = smtp_starttls,
[587] = smtp_starttls,
[5222] = xmpp_starttls,
[5269] = xmpp_starttls
}
portrule = function(host, port) portrule = function(host, port)
return shortport.ssl(host, port) or SPECIALIZED_FUNCS[port.number] return shortport.ssl(host, port) or SPECIALIZED_FUNCS[port.number]