o [NSE] Added a Network Data Management Protocol (ndmp) library and the

scripts:
  + ndmp-version - retrieves version information
  + ndmp-fs-info - retrieves information about remote filesystems
  [Patrik]

scripts/ndmp-fs-info.nse

@@ -0,0 +1,69 @@
+description = [[
+Lists remote file systems by querying the remote device using the Network
+Data Management Protocol (ndmp). NDMP is a protocol intended to transport
+data between a NAS device and the backup device, removing the need for the
+data to pass through the backup server. The following products are known
+to support the protocol:
+* Amanda
+* Bacula
+* CA Arcserve
+* CommVault Simpana
+* EMC Networker
+* Hitachi Data Systems
+* IBM Tivoli
+* Quest Software Netvault Backup
+* Symantec Netbackup
+* Symantec Backup Exec
+]]
+
+---
+-- @usage
+-- nmap -p 10000 --script ndmp-fs-info <ip>
+--
+-- @output
+-- PORT      STATE SERVICE REASON  VERSION
+-- 10000/tcp open  ndmp    syn-ack Symantec/Veritas Backup Exec ndmp
+-- | ndmp-fs-info: 
+-- | FS       Logical device          Physical device
+-- | NTFS     C:                      Device0000
+-- | NTFS     E:                      Device0000
+-- | UNKNOWN  Shadow Copy Components  Device0000
+-- |_UNKNOWN  System State            Device0000
+--
+--
+
+author = "Patrik Karlsson"
+license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
+categories = {"discovery", "safe"}
+
+require 'shortport'
+require 'ndmp'
+require 'tab'
+
+portrule = shortport.port_or_service(10000, "ndmp", "tcp")
+
+local function fail(err) return ("\n  ERROR: %s"):format(err or "") end
+
+action = function(host, port)
+
+	local helper = ndmp.Helper:new(host, port)
+	local status, msg = helper:connect()
+	if ( not(status) ) then	return fail("Failed to connect to server") end
+	
+	status, msg = helper:getFsInfo()
+	if ( not(status) ) then return fail("Failed to get filesystem information from server") end
+	helper:close()
+	
+	local result = tab.new(3)
+	tab.addrow(result, "FS", "Logical device", "Physical device")
+	
+	for _, item in ipairs(msg.fsinfo) do
+		if ( item.fs_logical_device and #item.fs_logical_device ~= 0 ) then
+			if ( item and item.fs_type and item.fs_logical_device and item.fs_physical_device ) then
+				tab.addrow(result, item.fs_type, item.fs_logical_device:gsub("?", " "), item.fs_physical_device)
+			end
+		end
+	end
+
+	return "\n" .. tab.dump(result)
+end

scripts/ndmp-version.nse

@@ -0,0 +1,61 @@
+description = [[
+Retrieves version information from the remote Network Data Management Protocol
+(ndmp) service. NDMP is a protocol intended to transport data between a NAS
+device and the backup device, removing the need for the data to pass through
+the backup server. The following products are known to support the protocol:
+* Amanda
+* Bacula
+* CA Arcserve
+* CommVault Simpana
+* EMC Networker
+* Hitachi Data Systems
+* IBM Tivoli
+* Quest Software Netvault Backup
+* Symantec Netbackup
+* Symantec Backup Exec
+]]
+
+author = "Patrik Karlsson"
+license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
+categories = {"version"}
+
+require 'shortport'
+require 'ndmp'
+
+portrule = shortport.port_or_service(10000, "ndmp", "tcp")
+
+local function fail(err) return ("\n  ERROR: %s"):format(err or "") end
+
+local function vendorLookup(vendor)
+	if ( vendor:match("VERITAS") ) then
+		return "Symantec/Veritas Backup Exec ndmp"
+	else
+		return vendor
+	end
+end
+
+action = function(host, port)
+	local helper = ndmp.Helper:new(host, port)
+	local status, err = helper:connect()
+	if ( not(status) ) then	return fail("Failed to connect to server") end
+	
+	local hi, si
+	status, hi = helper:getHostInfo()
+	if ( not(status) ) then return fail("Failed to get host information from server") end
+	
+	status, si = helper:getServerInfo()
+	if ( not(status) ) then return fail("Failed to get server information from server") end
+	helper:close()
+	
+	local major, minor, build, smajor, sminor = hi.hostinfo.osver:match("Major Version=(%d+) Minor Version=(%d+) Build Number=(%d+) ServicePack Major=(%d+) ServicePack Minor=(%d+)")	
+	port.version.name = "ndmp"
+	port.version.product = vendorLookup(si.serverinfo.vendor)
+	port.version.ostype = hi.hostinfo.ostype
+	if ( hi.hostinfo.hostname ) then
+		port.version.extrainfo = ("Name: %s; "):format(hi.hostinfo.hostname)
+	end
+	if ( major and minor and build and smajor and sminor ) then
+		port.version.extrainfo = port.version.extrainfo .. ("OS ver: %d.%d; OS Build: %d; OS Service Pack: %d"):format(major, minor, build, smajor)
+	end
+	nmap.set_port_version(host, port, "hardmatched")	
+end

scripts/script.db

@@ -205,6 +205,8 @@ Entry { filename = "nat-pmp-mapport.nse", categories = { "discovery", "safe", }
 Entry { filename = "nbstat.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "ncp-enum-users.nse", categories = { "auth", "safe", } }
 Entry { filename = "ncp-serverinfo.nse", categories = { "default", "discovery", "safe", } }
+Entry { filename = "ndmp-fs-info.nse", categories = { "discovery", "safe", } }
+Entry { filename = "ndmp-version.nse", categories = { "version", } }
 Entry { filename = "nessus-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "nessus-xmlrpc-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "netbus-auth-bypass.nse", categories = { "auth", "safe", "vuln", } }