PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-02-09 23:16:32 +00:00
Code Issues Projects Releases Wiki Activity

Be more strict about NetBus protocol. Fixes false positives

Browse Source 
Had a report via service fingerprint correction of netbus-version
reporting an unrelated service as NetBuster. This would happen for any
service on port 12345 that responds with a banner containing less than 2
carriage returns, or which closes the connection after the first NetBus
protocol message. Now, all netbus-* scripts require the banner to begin
with "NetBus" before they will continue.
This commit is contained in:
dmiller
2015-02-18 02:57:29 +00:00
parent a4dc1b8ff6
commit 9db8dfda1d
4 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/netbus-version.nse
View File

@@ -30,7 +30,11 @@ action = function( host, port )
return
end
local buffer, _ = stdnse.make_buffer(socket, "\r")
buffer() --discard banner
_ = buffer()
if not (_ and _:match("^NetBus")) then
stdnse.debug1("Not NetBus")
return nil
end
socket:send("Password;0;\r")
--NetBus answers to auth