From c077cf781a662839ce8ba360a92d0a79cd6069b6 Mon Sep 17 00:00:00 2001
From: david
Date: Tue, 4 Oct 2011 05:45:54 +0000
Subject: [PATCH] Add ganglia-info.nse by Brendan Coles.
---
 CHANGELOG | 2 +
 scripts/ganglia-info.nse | 147 +++++++++++++++++++++++++++++++++++++++
 scripts/script.db | 1 +
 3 files changed, 150 insertions(+)
 create mode 100644 scripts/ganglia-info.nse
diff --git a/CHANGELOG b/CHANGELOG
index 4a87748b2..2153a4f4c 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,7 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Added ganglia-info by Brendan Coles.
+
 o [NSE] Added tftp-enum by Alexander Rudakov.
 
 o [NSE] Added openlookup-info by Toni Ruottu.
 
diff --git a/scripts/ganglia-info.nse b/scripts/ganglia-info.nse
new file mode 100644
index 000000000..8259bf565
--- /dev/null
+++ b/scripts/ganglia-info.nse
@@ -0,0 +1,147 @@
+description = [[
+Retrieves system information from a listening Ganglia Monitoring Daemon or
+Ganglia Meta Daemon. Ganglia is a scalable distributed monitoring system for
+high-performance computing systems such as clusters and Grids. The information
+retrieved includes HDD size, available memory, OS version, architecture (and
+more) from each of the systems in each of the clusters in the grid.
+
+For more information about Ganglia, see:
+http://ganglia.sourceforge.net/
+http://en.wikipedia.org/wiki/Ganglia_(software)#Ganglia_Monitoring_Daemon_.28gmond.29
+http://en.wikipedia.org/wiki/Ganglia_(software)#Ganglia_Meta_Daemon_.28gmetad.29
+]]
+
+---
+-- @usage
+-- nmap --script ganglia-info --script-args ganglia-info.timeout=60,ganglia-info.bytes=1000000 -p
+--
+-- @args ganglia-info.timeout
+-- Set the timeout in seconds. The default value is 60.
+-- This should be enough for a grid of more than 100 hosts at 200Kb/s.
+-- About 5KB-10KB of data is returned for each host in the cluster.
+
+-- @args ganglia-info.bytes
+-- Set the number of bytes to retrieve. The default value is 1000000.
+-- This should be enough for a grid of more than 100 hosts.
+-- About 5KB-10KB of data is returned for each host in the cluster.
+--
+-- @output
+-- PORT STATE SERVICE REASON VERSION
+-- 8651/tcp open ganglia syn-ack Ganglia XML Grid monitor 3.0.7 (Cluster name: Fyodor's Cluster 2; Owner: Fyodor; Source: gmetad)
+-- | ganglia-info:
+-- | Service: Ganglia Meta Daemon
+-- | Version: 3.0.7
+-- | Grid Name: Fyodor's Grid
+-- | Cluster Name: Fyodor's Cluster 1
+-- | Owner: Fyodor
+-- | Cluster Name: Fyodor's Cluster 2
+-- | Owner: Fyodor
+-- | Hostname: ganglia.example.com
+-- | IP: 192.168.1.1
+-- | disk total: 482.853GB
+-- | cpu speed: 2133MHz
+-- | part max used: 74.7%
+-- | swap total: 2097144KB
+-- | os name: Linux
+-- | cpu user: 3.4%
+-- | cpu system: 0.4%
+-- | cpu aidle: 95.2%
+-- | load five: 0.13
+-- | proc run: 0
+-- | mem free: 714040KB
+-- | mem buffers: 262100KB
+-- | swap free: 2097144KB
+-- | bytes in: 2332.70bytes/sec
+-- | pkts out: 2.70packets/sec
+-- | cpu num: 2CPUs
+-- | disk free: 188.861GB
+-- | mem total: 3114872KB
+-- | cpu wio: 0.1%
+-- | boottime: 1307115184s
+-- | machine type: x86
+-- | os release: 2.6.18-238.9.1.el5
+-- | cpu nice: 0.0%
+-- | cpu idle: 96.1%
+-- | load one: 0.04
+-- | load fifteen: 0.14
+-- | proc total: 245
+-- | mem shared: 0KB
+-- | mem cached: 1260100KB
+-- | gexec: OFF
+-- | bytes out: 640.10bytes/sec
+-- |_ pkts in: 12.90packets/sec
+
+-- Version 0.1
+-- Created 2011-06-28 - v0.1 - created by Brendan Coles
+
+author = "Brendan Coles"
+license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
+categories = {"discovery"}
+
+require("comm")
+require("shortport")
+
+portrule = shortport.port_or_service ({8649,8651}, "ganglia", {"tcp"})
+
+action = function( host, port )
+
+ local result = {}
+
+ -- Set timeout
+ local timeout = nmap.registry.args[SCRIPT_NAME .. '.timeout']
+ if not timeout then
+ timeout = 30
+ else
+ tonumber(timeout)
+ end
+
+ -- Set bytes
+ local bytes = nmap.registry.args[SCRIPT_NAME ..
'.bytes']
+ if not bytes then
+ bytes = 1000000
+ else
+ tonumber(bytes)
+ end
+
+ -- Retrieve grid data in XML format over TCP
+ stdnse.print_debug(1, ("%s: Connecting to %s:%s"):format(SCRIPT_NAME, host.targetname or host.ip, port.number))
+ local status, data = comm.get_banner(host, port, {timeout=timeout*1000,bytes=bytes})
+ if not status then
+ stdnse.print_debug(1, ("%s: Timeout exceeded for %s:%s (Timeout: %ss)."):format(SCRIPT_NAME, host.targetname or host.ip, port.number, timeout))
+ return
+ end
+
+ -- Parse daemon info
+ if not string.match(data, "<\!DOCTYPE GANGLIA_XML") then
+ stdnse.print_debug(1, ("%s: %s:%s is not a Ganglia Daemon."):format(SCRIPT_NAME, host.targetname or host.ip, port.number))
+ return
+ elseif string.match(data, ']+ OWNER="([^"]*)" ') then
+ table.insert(result, string.format("Cluster Name: %s\n\tOwner: %s\n", string.match(line, ']+ OWNER="([^"]*)" ')))
+ elseif string.match(line, ']+ UNITS="[^"]*"') then
+ table.insert(result, string.format("\t\t%s: %s%s", string.gsub(string.match(line, ']+ UNITS="[^"]*"'), "_", " "), string.match(line, ']+ UNITS="[^"]*"'), string.match(line, ']+ UNITS="([^"]*)"')))
+ end
+ end
+
+ -- Return results
+ return stdnse.format_output(true, result)
+
+end
diff --git a/scripts/script.db b/scripts/script.db
index ae74c92f7..512daa703 100644
--- a/scripts/script.db
+++ b/scripts/script.db
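Review bot: In the "Set timeout" and "Set bytes" blocks at the top of `action`, the `else` branches call `tonumber(timeout)` and `tonumber(bytes)` but discard the result, so a supplied script argument stays a string and is never validated. A non-numeric `ganglia-info.timeout` only fails later at `timeout*1000`, and `bytes` reaches `comm.get_banner` unconverted. Assign and fall back in one step, e.g. `local timeout = tonumber(nmap.registry.args[SCRIPT_NAME .. '.timeout']) or 30` and `local bytes = tonumber(nmap.registry.args[SCRIPT_NAME .. '.bytes']) or 1000000`. The fallback of 30 also disagrees with the `@args` text, which documents a default of 60, so one of the two should be corrected. The parsing section between the DOCTYPE check and the closing `end`s looks truncated on this page as rendered, so it is not reviewed here.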
@@ -65,6 +65,7 @@ Entry { filename = "ftp-libopie.nse", categories = { "intrusive", "vuln", } }
 Entry { filename = "ftp-proftpd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
 Entry { filename = "ftp-vsftpd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
 Entry { filename = "ftp-vuln-cve2010-4221.nse", categories = { "intrusive", "vuln", } }
+Entry { filename = "ganglia-info.nse", categories = { "discovery", } }
 Entry { filename = "giop-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "gopher-ls.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "hddtemp-info.nse", categories = { "default", "discovery", "safe", } }