New probes and matches for OpenVPN

CHANGELOG

@@ -1,5 +1,10 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o Added new service probes and match lines for OpenVPN on UDP and TCP.
+  [Corentin Delorme]
+
+Nmap 7.11 [2016-03-22]
+
 o [NSE][GH#341] Added support for diffie-hellman-group-exchange-* SSH key
   exchange methods to ssh2.lua, allowing ssh-hostkey to run on servers that
   only support custom Diffie-Hellman groups. [Sergey Khegay]

nmap-payloads

@@ -138,6 +138,13 @@ udp 520
 # is not known.
 udp 626 "SNQUERY: 127.0.0.1:AAAAAA:xsvr"
 
+# OpenVPN P_CONTROL_HARD_RESET_CLIENT_V2
+# Byte 0; 0x38 opcode
+# Byte 1-8: Session ID, random
+# Byte 9: Message packet-id array length (0)
+# Byte 10-13: Message packet-id (0)
+udp 1194 "8d\xc1x\x01\xb8\x9b\xcb\x8f\0\0\0\0\0"
+
 # Citrix MetaFrame application browser service
 # Original idea from http://sh0dan.org/oldfiles/hackingcitrix.html
 # Payload contents copied from Wireshark capture of Citrix Program

nmap-service-probes

@@ -14617,3 +14617,19 @@ sslports 2482
 
 match giop m|GIOP\x01\0\x01\x01@\0\0\0\0\0\0\0\x01\0\0\0\x02\0\0\0'\0\0\0IDL:omg\.org/CORBA/OBJECT_NOT_EXIST:1\.0\0\0\0\0\0\0\x01\0\0\0| p/omg.org CORBA naming service/
 softmatch giop m|^GIOP\x01\x00\x01\x01........\x01\x00\x00\x00|
+
+##############################NEXT PROBE##############################
+# P_CONTROL_HARD_RESET_CLIENT_V2
+Probe TCP OpenVPN q|\0\x0e87\xa5&\x08\xa2\x1b\xa0\xb1\0\0\0\0\0|
+ports 1194,443,500
+rarity 9
+match openvpn m|^\0\x1a@........\x01\0\0\0\x007\xa5&\x08\xa2\x1b\xa0\xb1\0\0\0\0$| p/OpenVPN/
+
+
+##############################NEXT PROBE##############################
+# P_CONTROL_HARD_RESET_CLIENT_V2
+Probe UDP OpenVPN q|8d\xc1x\x01\xb8\x9b\xcb\x8f\0\0\0\0\0|
+ports 1194,443,500
+rarity 9
+match openvpn m|^@........\x01\0\0\0\0d\xc1x\x01\xb8\x9b\xcb\x8f\0\0\0\0$| p/OpenVPN/
+