From 27c0be76d70fcebf5d63b857ec1ce0fec7f1bbe9 Mon Sep 17 00:00:00 2001
From: david <david@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Mon, 24 May 2010 19:21:33 +0000
Subject: [PATCH] Add a UDP payload corresponding to the serialnumberd probe.
 Document serialnumberd stuff in CHANGELOG.

---
 CHANGELOG  | 5 +++++
 payload.cc | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/CHANGELOG b/CHANGELOG
index ee7bdd6a0..f28b3f51f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,10 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o Added a version probe, match line, and UDP payload for the
+  serialnumberd service of Mac OS X Server. This service overrides
+  firewall settings to make itself visible, so it's useful for host
+  discovery. [Patrik]
+
 o Open XML elements are now closed in case of a fatal error, so the
   output should at least be well-formed. There are new attributes
   "exit" and "errormsg" in the finished element. "exit" is "success"
diff --git a/payload.cc b/payload.cc
index 540f53b62..50a32a8f3 100644
--- a/payload.cc
+++ b/payload.cc
@@ -123,6 +123,7 @@ static const char payload_SNMPv3GetRequest[] =
   "\x04\x01\x04\x02\x01\x03\x04\x10\x30\x0E\x04\x00\x02\x01\x00\x02"
   "\x01\x00\x04\x00\x04\x00\x04\x00\x30\x12\x04\x00\x04\x00\xA0\x0C"
   "\x02\x02\x37\xF0\x02\x01\x00\x02\x01\x00\x30\x00";
+static const char payload_serialnumberd[] = "SNQUERY: 127.0.0.1:AAAAAA:xsvr";
 
 /* X Display Manager Control Protocol. Version 1, packet type Query (2), no
    authorization names. We expect a Willing or Unwilling packet in reply.
@@ -300,6 +301,9 @@ const char *udp_port2payload(u16 dport, size_t *length){
     case 520:
       SET_PAYLOAD(payload_rip);
       break;
+    case 626:
+      SET_PAYLOAD(payload_serialnumberd);
+      break;
     /*
     case 1434:
       SET_PAYLOAD(payload_Sqlping);