From 8abd407e989cd64ecbd6a941849bad3a157f965f Mon Sep 17 00:00:00 2001
From: dmiller
Date: Fri, 25 Mar 2016 04:52:26 +0000
Subject: [PATCH] New probes and matches for OpenVPN
---
 CHANGELOG | 5 +++++
 nmap-payloads | 7 +++++++
 nmap-service-probes | 16 ++++++++++++++++
 3 files changed, 28 insertions(+)
diff --git a/CHANGELOG b/CHANGELOG
index 926676c2f..6f8572617 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,10 @@
 # Nmap Changelog ($Id$); -*-text-*-
+o Added new service probes and match lines for OpenVPN on UDP and TCP.
+ [Corentin Delorme]
+
+Nmap 7.11 [2016-03-22]
+
 o [NSE][GH#341] Added support for diffie-hellman-group-exchange-* SSH key exchange methods to ssh2.lua, allowing ssh-hostkey to run on servers that only support custom Diffie-Hellman groups. [Sergey Khegay]
diff --git a/nmap-payloads b/nmap-payloads
index e24a636e3..6d3c9b661 100644
--- a/nmap-payloads
+++ b/nmap-payloads
@@ -138,6 +138,13 @@ udp 520
 # is not known.
 udp 626 "SNQUERY: 127.0.0.1:AAAAAA:xsvr"
+# OpenVPN P_CONTROL_HARD_RESET_CLIENT_V2
+# Byte 0; 0x38 opcode
+# Byte 1-8: Session ID, random
+# Byte 9: Message packet-id array length (0)
+# Byte 10-13: Message packet-id (0)
+udp 1194 "8d\xc1x\x01\xb8\x9b\xcb\x8f\0\0\0\0\0"
+
 # Citrix MetaFrame application browser service
 # Original idea from http://sh0dan.org/oldfiles/hackingcitrix.html
 # Payload contents copied from Wireshark capture of Citrix Program
diff --git a/nmap-service-probes b/nmap-service-probes
index be6924ce9..1e10a064a 100644
--- a/nmap-service-probes
+++ b/nmap-service-probes
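Review bot: In the nmap-payloads hunk the comment `# Byte 1-8: Session ID, random` does not match the payload, which hard-codes the eight bytes `d\xc1x\x01\xb8\x9b\xcb\x8f`; every scan sends the same session ID, and the UDP match line added in nmap-service-probes relies on seeing exactly those bytes in the reply. I would word it as `# Byte 1-8: Session ID (fixed value; the server reply repeats it)` and fix the separator typo in `# Byte 0; 0x38 opcode` to `# Byte 0: 0x38 (opcode 7 << 3 | key-id 0)`. It is also worth a one-line comment that servers configured with tls-auth are expected to drop this unauthenticated reset silently, so a missing reply does not rule out OpenVPN.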
@@ -14617,3 +14617,19 @@ sslports 2482
 match giop m|GIOP\x01\0\x01\x01@\0\0\0\0\0\0\0\x01\0\0\0\x02\0\0\0'\0\0\0IDL:omg\.org/CORBA/OBJECT_NOT_EXIST:1\.0\0\0\0\0\0\0\x01\0\0\0| p/omg.org CORBA naming service/
 softmatch giop m|^GIOP\x01\x00\x01\x01........\x01\x00\x00\x00|
+
+##############################NEXT PROBE##############################
+# P_CONTROL_HARD_RESET_CLIENT_V2
+Probe TCP OpenVPN q|\0\x0e87\xa5&\x08\xa2\x1b\xa0\xb1\0\0\0\0\0|
+ports 1194,443,500
+rarity 9
+match openvpn m|^\0\x1a@........\x01\0\0\0\x007\xa5&\x08\xa2\x1b\xa0\xb1\0\0\0\0$| p/OpenVPN/
+
+
+##############################NEXT PROBE##############################
+# P_CONTROL_HARD_RESET_CLIENT_V2
+Probe UDP OpenVPN q|8d\xc1x\x01\xb8\x9b\xcb\x8f\0\0\0\0\0|
+ports 1194,443,500
+rarity 9
+match openvpn m|^@........\x01\0\0\0\0d\xc1x\x01\xb8\x9b\xcb\x8f\0\0\0\0$| p/OpenVPN/
+
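Review bot: Both new match lines use `........` for the server's 8-byte session ID without the `s` option, and in nmap-service-probes a `.` only matches a newline byte when that option is set, so a reply whose session ID happens to contain 0x0a would go unrecognised (roughly 3% of replies if the ID is uniformly random). Appending the option after the closing delimiter fixes it, e.g. `match openvpn m|^@........\x01\0\0\0\0d\xc1x\x01\xb8\x9b\xcb\x8f\0\0\0\0$|s p/OpenVPN/`, and the same for the TCP line. A short comment naming the expected reply as P_CONTROL_HARD_RESET_SERVER_V2 (the leading `@`, 0x40) would also help the next reader of the pattern.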