mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 04:31:29 +00:00
Check more common IRC ports by default. Send SSL probes to ircs ports. See #941
This commit is contained in:
dmiller
@@ -12978,7 +12978,7 @@ softmatch ftp m|^220[\s-].*ftp[^\r]*\r\n214[\s-]|i
|
||||
# TLSv1-only servers, based on a failed handshake alert.
|
||||
Probe TCP SSLSessionReq q|\x16\x03\0\0S\x01\0\0O\x03\0?G\xd7\xf7\xba,\xee\xea\xb2`~\xf3\0\xfd\x82{\xb9\xd5\x96\xc8w\x9b\xe6\xc4\xdb<=\xdbo\xef\x10n\0\0(\0\x16\0\x13\0\x0a\0f\0\x05\0\x04\0e\0d\0c\0b\0a\0`\0\x15\0\x12\0\x09\0\x14\0\x11\0\x08\0\x06\0\x03\x01\0|
|
||||
rarity 1
|
||||
ports 322,443,444,465,548,636,989,990,992,993,994,995,1241,1311,1443,2000,2252,2443,3443,4433,4443,4444,4911,5061,5443,5550,6443,7210,7272,7443,8009,8181,8194,8443,8531,8883,9001,9443,10443,14443,44443,60443
|
||||
ports 322,443,444,465,548,636,989,990,992,993,994,995,1241,1311,1443,2000,2252,2443,3443,4433,4443,4444,4911,5061,5443,5550,6443,6679,6697,7000,7210,7272,7443,8009,8181,8194,8443,8531,8883,9001,9443,10443,14443,44443,60443
|
||||
fallback GetRequest
|
||||
|
||||
# OpenSSL/0.9.7aa, 0.9.8e
|
||||
|
||||
29
nselib/irc.lua
Normal file
29
nselib/irc.lua
Normal file
@@ -0,0 +1,29 @@
|
||||
---
|
||||
-- IRC functions.
|
||||
--
|
||||
-- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html
|
||||
|
||||
local stdnse = require "stdnse"
|
||||
_ENV = stdnse.module("irc", stdnse.seeall)
|
||||
|
||||
portrule = (require "shortport").port_or_service(
|
||||
{
|
||||
-- Shodan.io top 3 IRC ports
|
||||
6667,
|
||||
6666,
|
||||
6664,
|
||||
-- other ports in the "ircu" assignment block
|
||||
6665,
|
||||
6668,
|
||||
6669,
|
||||
-- common SSL irc ports
|
||||
6679,
|
||||
6697,
|
||||
7000,
|
||||
-- other common ports
|
||||
8067,
|
||||
},
|
||||
{ "irc", "ircs", "ircs-u", "ircd", "irc-serv" } -- this covers ports 194, 529, and 994
|
||||
)
|
||||
|
||||
return _ENV
|
||||
@@ -1,5 +1,5 @@
|
||||
local comm = require "comm"
|
||||
local shortport = require "shortport"
|
||||
local irc = require "irc"
|
||||
local stdnse = require "stdnse"
|
||||
local string = require "string"
|
||||
local table = require "table"
|
||||
@@ -73,7 +73,7 @@ local DEFAULT_CHANNELS = {
|
||||
"RxBot",
|
||||
}
|
||||
|
||||
portrule = shortport.port_or_service({6666, 6667, 6697, 6679}, {"irc", "ircs"})
|
||||
portrule = irc.portrule
|
||||
|
||||
-- Parse an IRC message. Returns nil, errmsg in case of error. Otherwise returns
|
||||
-- true, prefix, command, params. prefix may be nil. params is an array of
|
||||
@@ -277,6 +277,10 @@ function action(host, port)
|
||||
end
|
||||
|
||||
irc = irc_connect(host, port)
|
||||
if not irc then
|
||||
stdnse.debug1("Could not connect")
|
||||
return nil
|
||||
end
|
||||
irc_send_message(irc, "LIST", concat_channel_list(search_channels))
|
||||
|
||||
channels = {}
|
||||
|
||||
@@ -2,7 +2,7 @@ local brute = require "brute"
|
||||
local comm = require "comm"
|
||||
local creds = require "creds"
|
||||
local match = require "match"
|
||||
local shortport = require "shortport"
|
||||
local irc = require "irc"
|
||||
local stdnse = require "stdnse"
|
||||
|
||||
description=[[
|
||||
@@ -33,7 +33,7 @@ author = "Patrik Karlsson"
|
||||
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
|
||||
categories={"brute","intrusive"}
|
||||
|
||||
portrule = shortport.port_or_service({6666,6667,6697,6679},{"irc","ircs"})
|
||||
portrule = irc.portrule
|
||||
|
||||
Driver = {
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
local comm = require "comm"
|
||||
local nmap = require "nmap"
|
||||
local shortport = require "shortport"
|
||||
local irc = require "irc"
|
||||
local stdnse = require "stdnse"
|
||||
|
||||
description = [[
|
||||
@@ -43,7 +43,7 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
|
||||
|
||||
categories = {"default", "discovery", "safe"}
|
||||
|
||||
portrule = shortport.port_or_service({6666,6667,6697,6679},{"irc","ircs"})
|
||||
portrule = irc.portrule
|
||||
|
||||
local banner_timeout = 60
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ local brute = require "brute"
|
||||
local comm = require "comm"
|
||||
local creds = require "creds"
|
||||
local sasl = require "sasl"
|
||||
local shortport = require "shortport"
|
||||
local irc = require "irc"
|
||||
local stdnse = require "stdnse"
|
||||
local string = require "string"
|
||||
local table = require "table"
|
||||
@@ -40,7 +40,7 @@ author = "Piotr Olma"
|
||||
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
|
||||
categories={"brute","intrusive"}
|
||||
|
||||
portrule = shortport.port_or_service({6666,6667,6697,6679},{"irc","ircs"})
|
||||
portrule = irc.portrule
|
||||
|
||||
local dbg = stdnse.debug
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
local comm = require "comm"
|
||||
local nmap = require "nmap"
|
||||
local os = require "os"
|
||||
local shortport = require "shortport"
|
||||
local irc = require "irc"
|
||||
local stdnse = require "stdnse"
|
||||
local string = require "string"
|
||||
|
||||
@@ -61,7 +61,7 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
|
||||
categories = {"exploit", "intrusive", "malware", "vuln"}
|
||||
|
||||
|
||||
portrule = shortport.port_or_service({6666,6667,6697,6679,8067},{"irc","ircs"})
|
||||
portrule = irc.portrule
|
||||
|
||||
|
||||
action = function(host, port)
|
||||
|
||||
Reference in New Issue
Block a user