PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00
Code Issues Projects Releases Wiki Activity

Don't set_port_version just from a 200 response.

Browse Source 
Require a more positive page body match before doing that.
http://seclists.org/nmap-dev/2013/q1/304
This commit is contained in:
david
2013-03-05 21:20:45 +00:00
parent 5edcec7a9a
commit 3150d2fff6
8 changed files with 38 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scripts/flume-master-info.nse
View File

@@ -149,8 +149,6 @@ action = function( host, port )
local body = response['body']:gsub("%%","%%%%") local body = response['body']:gsub("%%","%%%%")
local capacity = {} local capacity = {}
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body)) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body))
port.version.name = "flume-master"
port.version.product = "Apache Flume"
if body:match("Version:%s*</b>([^][,]+)") then if body:match("Version:%s*</b>([^][,]+)") then
local version = body:match("Version:%s*</b>([^][,]+)") local version = body:match("Version:%s*</b>([^][,]+)")
stdnse.print_debug(1, ("%s: Version %s"):format(SCRIPT_NAME,version)) stdnse.print_debug(1, ("%s: Version %s"):format(SCRIPT_NAME,version))
@@ -208,7 +206,11 @@ action = function( host, port )
result[#result+1] = "Config: " result[#result+1] = "Config: "
result[#result+1] = vars result[#result+1] = vars
end end
nmap.set_port_version(host, port) if #result > 0 then
port.version.name = "flume-master"
port.version.product = "Apache Flume"
nmap.set_port_version(host, port)
end
return stdnse.format_output(true, result) return stdnse.format_output(true, result)
end end
end end

6
scripts/hadoop-datanode-info.nse
View File

@@ -48,12 +48,12 @@ action = function( host, port )
local response = http.get( host, port, uri ) local response = http.get( host, port, uri )
stdnse.print_debug(1, ("%s: Status %s"):format(SCRIPT_NAME,response['status-line'] or "No Response")) stdnse.print_debug(1, ("%s: Status %s"):format(SCRIPT_NAME,response['status-line'] or "No Response"))
if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then
port.version.name = "hadoop-datanode"
port.version.product = "Apache Hadoop"
nmap.set_port_version(host, port)
local body = response['body']:gsub("%%","%%%%") local body = response['body']:gsub("%%","%%%%")
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body)) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body))
if body:match("([^][\"]+)\">Log") then if body:match("([^][\"]+)\">Log") then
port.version.name = "hadoop-datanode"
port.version.product = "Apache Hadoop"
nmap.set_port_version(host, port)
local logs = body:match("([^][\"]+)\">Log") local logs = body:match("([^][\"]+)\">Log")
stdnse.print_debug(1, ("%s: Logs %s"):format(SCRIPT_NAME,logs)) stdnse.print_debug(1, ("%s: Logs %s"):format(SCRIPT_NAME,logs))
table.insert(result, ("Logs: %s"):format(logs)) table.insert(result, ("Logs: %s"):format(logs))

8
scripts/hadoop-jobtracker-info.nse
View File

@@ -115,8 +115,6 @@ action = function( host, port )
stdnse.print_debug(1, ("%s: Status %s"):format(SCRIPT_NAME,response['status-line'] or "No Response")) stdnse.print_debug(1, ("%s: Status %s"):format(SCRIPT_NAME,response['status-line'] or "No Response"))
if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,response['body'])) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,response['body']))
port.version.name = "hadoop-jobtracker"
port.version.product = "Apache Hadoop"
if response['body']:match("State:</b>%s*([^][<]+)") then if response['body']:match("State:</b>%s*([^][<]+)") then
local state = response['body']:match("State:</b>%s*([^][<]+)") local state = response['body']:match("State:</b>%s*([^][<]+)")
stdnse.print_debug(1, ("%s: State %s"):format(SCRIPT_NAME,state)) stdnse.print_debug(1, ("%s: State %s"):format(SCRIPT_NAME,state))
@@ -150,7 +148,6 @@ action = function( host, port )
stdnse.print_debug(1, ("%s: Log Files %s"):format(SCRIPT_NAME,logfiles)) stdnse.print_debug(1, ("%s: Log Files %s"):format(SCRIPT_NAME,logfiles))
table.insert(result, ("Log Files: %s"):format(logfiles)) table.insert(result, ("Log Files: %s"):format(logfiles))
end end
nmap.set_port_version(host, port)
local tasktrackers = get_tasktrackers (host, port) local tasktrackers = get_tasktrackers (host, port)
if next(tasktrackers) then if next(tasktrackers) then
table.insert(result, "Tasktrackers: ") table.insert(result, "Tasktrackers: ")
@@ -161,6 +158,11 @@ action = function( host, port )
table.insert(result, "Userhistory: ") table.insert(result, "Userhistory: ")
table.insert(result, userhistory) table.insert(result, userhistory)
end end
if #result > 0 then
port.version.name = "hadoop-jobtracker"
port.version.product = "Apache Hadoop"
nmap.set_port_version(host, port)
end
return stdnse.format_output(true, result) return stdnse.format_output(true, result)
end end
end end

8
scripts/hadoop-namenode-info.nse
View File

@@ -95,8 +95,6 @@ action = function( host, port )
local body = response['body']:gsub("%%","%%%%") local body = response['body']:gsub("%%","%%%%")
local capacity = {} local capacity = {}
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body)) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body))
port.version.name = "hadoop-namenode"
port.version.product = "Apache Hadoop"
if body:match("Started:%s*<td>([^][<]+)") then if body:match("Started:%s*<td>([^][<]+)") then
local start = body:match("Started:%s*<td>([^][<]+)") local start = body:match("Started:%s*<td>([^][<]+)")
stdnse.print_debug(1, ("%s: Started %s"):format(SCRIPT_NAME,start)) stdnse.print_debug(1, ("%s: Started %s"):format(SCRIPT_NAME,start))
@@ -139,7 +137,6 @@ action = function( host, port )
table.insert(result,"Total\tUsed (DFS)\tUsed (Non DFS)\tRemaining") table.insert(result,"Total\tUsed (DFS)\tUsed (Non DFS)\tRemaining")
table.insert(result, ("%s\t%s\t%s\t%s"):format(capacity[3],capacity[4],capacity[5],capacity[6])) table.insert(result, ("%s\t%s\t%s\t%s"):format(capacity[3],capacity[4],capacity[5],capacity[6]))
end end
nmap.set_port_version(host, port)
local datanodes_live = get_datanodes(host,port, "LIVE") local datanodes_live = get_datanodes(host,port, "LIVE")
if next(datanodes_live) then if next(datanodes_live) then
table.insert(result, "Datanodes (Live): ") table.insert(result, "Datanodes (Live): ")
@@ -150,6 +147,11 @@ action = function( host, port )
table.insert(result, "Datanodes (Dead): ") table.insert(result, "Datanodes (Dead): ")
table.insert(result, datanodes_dead) table.insert(result, datanodes_dead)
end end
if #result > 0 then
port.version.name = "hadoop-namenode"
port.version.product = "Apache Hadoop"
nmap.set_port_version(host, port)
end
return stdnse.format_output(true, result) return stdnse.format_output(true, result)
end end
end end

8
scripts/hadoop-secondary-namenode-info.nse
View File

@@ -65,8 +65,6 @@ action = function( host, port )
local body = response['body']:gsub("%%","%%%%") local body = response['body']:gsub("%%","%%%%")
local stats = {} local stats = {}
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body)) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body))
port.version.name = "hadoop-secondary-namenode"
port.version.product = "Apache Hadoop"
-- Page isn't valid html :( -- Page isn't valid html :(
for i in string.gmatch(body,"\n[%w%s]+:%s+[^][\n]+") do for i in string.gmatch(body,"\n[%w%s]+:%s+[^][\n]+") do
table.insert(stats,i:match(":%s+([^][\n]+)")) table.insert(stats,i:match(":%s+([^][\n]+)"))
@@ -101,7 +99,11 @@ action = function( host, port )
table.insert(result, ("Checkpoint Period: %s"):format(stats[4])) table.insert(result, ("Checkpoint Period: %s"):format(stats[4]))
table.insert(result, ("Checkpoint: Size %s"):format(stats[5])) table.insert(result, ("Checkpoint: Size %s"):format(stats[5]))
end end
nmap.set_port_version(host, port) if #result > 0 then
port.version.name = "hadoop-secondary-namenode"
port.version.product = "Apache Hadoop"
nmap.set_port_version(host, port)
end
if target.ALLOW_NEW_TARGETS then if target.ALLOW_NEW_TARGETS then
if stats[1]:match("([^][/]+)") then if stats[1]:match("([^][/]+)") then
local newtarget = stats[1]:match("([^][/]+)") local newtarget = stats[1]:match("([^][/]+)")

8
scripts/hadoop-tasktracker-info.nse
View File

@@ -54,8 +54,6 @@ action = function( host, port )
if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then
local body = response['body']:gsub("%%","%%%%") local body = response['body']:gsub("%%","%%%%")
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body)) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body))
port.version.name = "hadoop-tasktracker"
port.version.product = "Apache Hadoop"
if response['body']:match("Version:</b>%s*([^][<]+)") then if response['body']:match("Version:</b>%s*([^][<]+)") then
local version = response['body']:match("Version:</b>%s*([^][<]+)") local version = response['body']:match("Version:</b>%s*([^][<]+)")
local versionNo = version:match("([^][,]+)") local versionNo = version:match("([^][,]+)")
@@ -74,7 +72,11 @@ action = function( host, port )
stdnse.print_debug(1, ("%s: Logs %s"):format(SCRIPT_NAME,logs)) stdnse.print_debug(1, ("%s: Logs %s"):format(SCRIPT_NAME,logs))
table.insert(result, ("Logs: %s"):format(logs)) table.insert(result, ("Logs: %s"):format(logs))
end end
nmap.set_port_version(host, port) if #result > 0 then
port.version.name = "hadoop-tasktracker"
port.version.product = "Apache Hadoop"
nmap.set_port_version(host, port)
end
return stdnse.format_output(true, result) return stdnse.format_output(true, result)
end end
end end

8
scripts/hbase-master-info.nse
View File

@@ -67,8 +67,6 @@ action = function( host, port )
if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then
local body = response['body']:gsub("%%","%%%%") local body = response['body']:gsub("%%","%%%%")
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body)) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body))
port.version.name = "hbase-master"
port.version.product = "Apache Hadoop Hbase"
if body:match("HBase%s+Version</td><td>([^][<]+)") then if body:match("HBase%s+Version</td><td>([^][<]+)") then
local version = body:match("HBase%s+Version</td><td>([^][<]+)"):gsub("%s+", " ") local version = body:match("HBase%s+Version</td><td>([^][<]+)"):gsub("%s+", " ")
stdnse.print_debug(1, ("%s:Hbase Version %s"):format(SCRIPT_NAME,version)) stdnse.print_debug(1, ("%s:Hbase Version %s"):format(SCRIPT_NAME,version))
@@ -127,11 +125,15 @@ action = function( host, port )
end end
end end
end end
nmap.set_port_version(host, port)
if next(region_servers) then if next(region_servers) then
table.insert(result,"Region Servers:") table.insert(result,"Region Servers:")
table.insert(result,region_servers) table.insert(result,region_servers)
end end
if #result > 0 then
port.version.name = "hbase-master"
port.version.product = "Apache Hadoop Hbase"
nmap.set_port_version(host, port)
end
return stdnse.format_output(true, result) return stdnse.format_output(true, result)
end end
end end

8
scripts/hbase-region-info.nse
View File

@@ -62,8 +62,6 @@ action = function( host, port )
if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then if response['status-line'] and response['status-line']:match("200%s+OK") and response['body'] then
local body = response['body']:gsub("%%","%%%%") local body = response['body']:gsub("%%","%%%%")
stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body)) stdnse.print_debug(2, ("%s: Body %s\n"):format(SCRIPT_NAME,body))
port.version.name = "hbase-region"
port.version.product = "Apache Hadoop Hbase"
if body:match("HBase%s+Version</td><td>([^][<]+)") then if body:match("HBase%s+Version</td><td>([^][<]+)") then
local version = body:match("HBase%s+Version</td><td>([^][<]+)"):gsub("%s+", " ") local version = body:match("HBase%s+Version</td><td>([^][<]+)"):gsub("%s+", " ")
stdnse.print_debug(1, ("%s:Hbase Version %s"):format(SCRIPT_NAME,version)) stdnse.print_debug(1, ("%s:Hbase Version %s"):format(SCRIPT_NAME,version))
@@ -92,7 +90,11 @@ action = function( host, port )
end end
end end
end end
nmap.set_port_version(host, port) if #result > 0 then
port.version.name = "hbase-region"
port.version.product = "Apache Hadoop Hbase"
nmap.set_port_version(host, port)
end
return stdnse.format_output(true, result) return stdnse.format_output(true, result)
end end
end end