Fix a crash in rpc-grind when scanning a non-RPC service

2025-12-06 04:31:29 +00:00 · 2024-06-03 19:00:29 +00:00
parent 296d8bd1e7
commit 929a29d310
1 changed files with 8 additions and 6 deletions
--- a/scripts/rpc-grind.nse
+++ b/scripts/rpc-grind.nse
@@ -103,12 +103,14 @@ local isRPC = function(host, port)
      -- If we got response, set port to open
      nmap.set_port_state(host, port, "open")

-      rxid, msgtype = string.unpack(">I4 I4", data)
-      -- If response XID does match request XID
-      -- and message type equals 1 (REPLY) then
-      -- it is a RPC port.
-      if rxid == xid and msgtype == 1 then
-        return true
+      if #data >= 8 then
+        rxid, msgtype = string.unpack(">I4 I4", data)
+        -- If response XID does match request XID
+        -- and message type equals 1 (REPLY) then
+        -- it is a RPC port.
+        if rxid == xid and msgtype == 1 then
+          return true
+        end
      end
    end
  end