diff --git a/CHANGELOG b/CHANGELOG index 519b7879a..25c6ec723 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,9 @@ # Nmap Changelog ($Id$); -*-text-*- +o New service probe for CORBA GIOP (General Inter-ORB Protocol) detection + should elicit a not-found exception from GIOP services that do not respond to + non-GIOP probes. [Quentin Hardy] + o [NSE] Added ipv6-multicast-mld-list for discovering IPv6 multicast listeners with MLD probes. The discovery is the same as targets-ipv6-multicast-mld, but the subscribed addresses are decoded and listed. diff --git a/nmap-service-probes b/nmap-service-probes index e117f7ef9..4e4c43584 100644 --- a/nmap-service-probes +++ b/nmap-service-probes 
@@ -14316,3 +14316,28 @@ match tn3270 m|^\xff\xfd\x18\xff\xfa\x18\x01\xff\xf0.*?\xff\xfd\x19| p/IBM Telne # Hack to force the softmatch in NULL probe to allow this probe to be sent as a followup. Don't expect this will really match anything. softmatch telnet m|^\xff\xfd\x18$| + +##############################NEXT PROBE############################## +# CORBA GIOP (General Inter-ORB Protocol) +# GIOP Header: +# - Magic: GIOP +# - Version: 1.0 (\x01\x00) +# - Msge type: Request (\x00) +# - Msg size: 36 ($\x00\x00\x00 i.e \x24\x00\x00\x00) +# Request Data: +# - ServiceContextList (\x00\x00\x00\x00) +# - Request Id: 1 (\x01\x00\x00\x00) +# - Response expected: 1 (\x01) +# - Object key Length: 6 (\x06x\00\x00\x00) +# - Object Key: 616263646566 +# - Operation length : 4 (\x04\x00\x00\x00) +# - Req Operation: get (i.e \x67\x65\x74\x00) +# - Requesting Principal Length: 0 (\x00\x00\x00\x00) +Probe TCP giop q|GIOP\x01\x00\x01\x00$\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x06\x00\x00\x00abcdef\x00\x00\x04\x00\x00\x00get\x00\x00\x00\x00\x00| +# rarity 7 because it has been observed on non-standard ports +rarity 7 +ports 2481 +sslports 2482 + +match giop m|GIOP\x01\0\x01\x01@\0\0\0\0\0\0\0\x01\0\0\0\x02\0\0\0'\0\0\0IDL:omg\.org/CORBA/OBJECT_NOT_EXIST:1\.0\0\0\0\0\0\0\x01\0\0\0| p/omg.org CORBA naming service/ +softmatch giop m|^GIOP\x01\x00\x01\x01........\x01\x00\x00\x00|
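Review bot: in the nmap-service-probes hunk the `match giop` line is not anchored with `^`, unlike the `softmatch giop` line right after it; since the reply begins with the fixed `GIOP\x01\0\x01\x01` header, add the anchor so the match only fires at offset 0 and cannot hit a GIOP-looking byte sequence embedded in some other service's banner. The header comment is also out of step with the probe bytes it describes: it omits the byte-order flag byte (the `\x01` between the version and the message type, which is why every length field in the probe and in the match is little-endian), and two entries have typos, `\x06x\00\x00\x00` should read `\x06\x00\x00\x00` and "Msge type" should read "Msg type"; the object key line would be clearer as `abcdef` plus two bytes of alignment padding, matching the probe string rather than giving the key as hex. Finally, the reply matched here is a generic `CORBA/OBJECT_NOT_EXIST` system exception that any ORB can return for an unknown object key, so the product string `p/omg.org CORBA naming service/` is more specific than the evidence supports; either name the implementation the response was actually captured from or use a generic CORBA/GIOP product string.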