PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-11 02:09:03 +00:00
Code Issues Projects Releases Wiki Activity

o [NSE] Added the script acarsd-info that retrieves information from the acarsd

Browse Source 
decoder daemon. [Brendan Coles]
This commit is contained in:
patrik
2012-03-08 18:22:00 +00:00
parent 1384a953a1
commit 542ed0bf67
3 changed files with 116 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@@ -1,5 +1,8 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
o [NSE] Added the script acarsd-info that retrieves information from the acarsd
decoder daemon. [Brendan Coles]
o [NSE] Added an EAP library and the script eap-info which discovers supported o [NSE] Added an EAP library and the script eap-info which discovers supported
EAP authentication methods. [Riccardo Cecolin] EAP authentication methods. [Riccardo Cecolin]

112
scripts/acarsd-info.nse Normal file
View File

@@ -0,0 +1,112 @@
description = [[
Retrieves information from a listening acarsd daemon.
acarsd is an ACARS decoder for a Linux or Windows PC which attempts to decode
ACARS transmissions in real-time. The information retrieved includes the
daemon version, API version, administrator e-mail address and listening
frequency.
For more information about acarsd, see:
* http://www.acarsd.org/
]]
---
-- @usage
-- nmap --script acarsd-info --script-args "acarsd-info.timeout=10,acarsd-info.bytes=512" -p <port> <host>
--
-- @output
-- PORT STATE SERVICE
-- 2202/tcp open unknown
-- | acarsd-info:
-- | Version: 1.65
-- | API Version: API-2005-Oct-18
-- | Authorization Required: 0
-- | Admin E-mail: admin@acarsd
-- | Clients Connected: 1
-- |_ Frequency: 131.7250 & 131.45
--
-- @args acarsd-info.timeout
-- Set the timeout in seconds. The default value is 10.
-- @args acarsd-info.bytes
-- Set the number of bytes to retrieve. The default value is 512.
--
-- @changelog
-- 2012-02-23 - v0.1 - created by Brendan Coles - itsecuritysolutions.org
--
author = "Brendan Coles"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"safe","discovery"}
require("stdnse")
require("comm")
require("shortport")
portrule = shortport.port_or_service (2202, "acarsd", {"tcp"})
action = function(host, port)
local result = {}
-- Set timeout
local timeout = tonumber(nmap.registry.args[SCRIPT_NAME .. '.timeout'])
if not timeout or timeout < 0 then timeout = 10 end
-- Set bytes
local bytes = tonumber(nmap.registry.args[SCRIPT_NAME .. '.bytes'])
if not bytes then bytes = 512 else tonumber(bytes) end
-- Connect and retrieve acarsd info in XML format over TCP
stdnse.print_debug(1, ("%s: Connecting to %s:%s [Timeout: %ss]"):format(SCRIPT_NAME, host.targetname or host.ip, port.number, timeout))
local status, data = comm.get_banner(host, port, {timeout=timeout*1000,bytes=bytes})
if not status or not data then
stdnse.print_debug(1, ("%s: Retrieving data from %s:%s failed [Timeout expired]"):format(SCRIPT_NAME, host.targetname or host.ip, port.number))
return
end
-- Check if retrieved data is valid acarsd data
if not string.match(data, "acarsd") then
stdnse.print_debug(1, ("%s: %s:%s is not an acarsd Daemon."):format(SCRIPT_NAME, host.targetname or host.ip, port.number))
return
end
-- Check for restricted access -- Parse daemon info
if string.match(data, "Authorization needed\. If your client doesnt support this") then
local version_match = string.match(data, "acarsd\t(.+)\t")
if version_match then table.insert(result, string.format("Version: %s", version_match)) end
local api_version_match = string.match(data, "acarsd\t.+\t(API.+[0-9][0-9]?)")
if api_version_match then table.insert(result, string.format("API Version: %s", api_version_match)) end
table.insert(result, "Authorization Required: 1")
-- Check for unrestricted access -- Parse daemon info
else
stdnse.print_debug(1, ("%s: Parsing data from %s:%s"):format(SCRIPT_NAME, host.targetname or host.ip, port.number))
local vars = {
{"Version","Version"},
{"API Version","APIVersion"},
--{"Hostname","Hostname"},
--{"Port","Port"},
--{"Server UUID","ServerUUID"},
{"Authorization Required","NeedAuth"},
{"Admin E-mail","AdminMail"},
{"Clients Connected","ClientsConnected"},
{"Frequency","Frequency"},
{"License","License"},
}
for _, var in ipairs(vars) do
local tag = var[2]
local var_match = string.match(data, string.format('<%s>(.+)<\/%s>', tag, tag))
if var_match then table.insert(result, string.format("%s: %s", var[1], string.gsub(var_match, "&amp;", "&"))) end
end
end
port.version.name = "acarsd"
port.version.product = "ACARS Decoder"
nmap.set_port_version(host, port, "hardmatched")
-- Return results
return stdnse.format_output(true, result)
end

1
scripts/script.db
View File

@@ -1,3 +1,4 @@
Entry { filename = "acarsd-info.nse", categories = { "discovery", "safe", } }
Entry { filename = "address-info.nse", categories = { "default", "safe", } } Entry { filename = "address-info.nse", categories = { "default", "safe", } }
Entry { filename = "afp-brute.nse", categories = { "brute", "intrusive", } } Entry { filename = "afp-brute.nse", categories = { "brute", "intrusive", } }
Entry { filename = "afp-ls.nse", categories = { "discovery", "safe", } } Entry { filename = "afp-ls.nse", categories = { "discovery", "safe", } }