PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-10 17:59:04 +00:00
Code Issues Projects Releases Wiki Activity

Create a shortport.ssl function like shortport.http. Use it in ssl

Browse Source 
scripts.
This commit is contained in:
david
2011-02-22 00:46:28 +00:00
parent 0b4de98d24
commit c3ab2d5ea4
4 changed files with 26 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
nselib/shortport.lua
View File

@@ -164,3 +164,25 @@ end
-- portrule = shortport.http -- portrule = shortport.http
http = shortport.port_or_service({80, 443, 631, 8080, 5800, 3872}, http = shortport.port_or_service({80, 443, 631, 8080, 5800, 3872},
{"http", "https", "ipp", "http-alt", "vnc-http", "oem-agent"}) {"http", "https", "ipp", "http-alt", "vnc-http", "oem-agent"})
local LIKELY_SSL_PORTS = {
443, 465, 587, 636, 989, 990, 992, 993, 994, 995, 5061, 6679, 6697, 8443
}
local LIKELY_SSL_SERVICES = {
"ftps", "ftps-data", "https", "https-alt", "imaps", "ircs",
"ldapssl", "pop3s", "sip-tls", "smtps", "telnets"
}
---
-- A portrule that matches likely SSL services.
--
-- @param host The host table to match against.
-- @param port The port table to match against.
-- @return <code>true</code> if the port is likely to be SSL,
-- <code>false</code> otherwise.
-- @usage
-- portrule = shortport.ssl
function ssl(host, port)
return port.version.service_tunnel == "ssl" or
port_or_service(LIKELY_SSL_PORTS, LIKELY_SSL_SERVICES, "tcp", "sctp")
end

5
scripts/ssl-cert.nse
View File

@@ -66,6 +66,7 @@ categories = { "safe", "discovery" }
require("nmap") require("nmap")
require("nsedebug") require("nsedebug")
require("shortport")
require("stdnse") require("stdnse")
local stringify_name local stringify_name
@@ -73,12 +74,10 @@ local date_to_string
local table_find local table_find
local s local s
local LIKELY_SSL_PORTS = { 443, 465, 989, 990, 992, 993, 994, 995, 587, 8443 }
local STARTTLS_PORTS = { 25, 587 } local STARTTLS_PORTS = { 25, 587 }
portrule = function(host, port) portrule = function(host, port)
return port.version.service_tunnel == "ssl" return shortport.ssl(host, port) or table_find(STARTTLS_PORTS, port.number)
or table_find(LIKELY_SSL_PORTS, port.number) or table_find(STARTTLS_PORTS, port.number)
end end
action = function(host, port) action = function(host, port)

50
scripts/ssl-enum-ciphers.nse
View File

@@ -76,37 +76,6 @@ require("nmap")
require("shortport") require("shortport")
require("stdnse") require("stdnse")
local SSL_PORTS = {
443,
465,
587,
636,
989,
990,
992,
993,
994,
995,
5061,
6679,
6697,
8443
}
local SSL_SERVICES = {
"ftps",
"ftps-data",
"https",
"https-alt",
"imaps",
"ircs",
"ldapssl",
"pop3s",
"sip-tls",
"smtps",
"telnets"
}
-- Most of the values in the tables below are from: -- Most of the values in the tables below are from:
-- http://www.iana.org/assignments/tls-parameters/ -- http://www.iana.org/assignments/tls-parameters/
PROTOCOLS = { PROTOCOLS = {
@@ -735,24 +704,7 @@ local function try_protocol(host, port, protocol)
return results return results
end end
portrule = function(host, port) portrule = shortport.ssl
local is_ssl = shortport.port_or_service(SSL_PORTS, SSL_SERVICES)
-- This script only handles SSL/TLS over TCP.
if port.protocol ~= "tcp" then
return false
end
if port.version.service_tunnel == "ssl" then
return true
end
if is_ssl(host, port) then
return true
end
return false
end
action = function(host, port) action = function(host, port)
local name, result, results local name, result, results

6
scripts/sslv2.nse
View File

@@ -21,11 +21,7 @@ categories = {"default", "safe"}
require "shortport" require "shortport"
local portfunction = shortport.port_or_service({443,993,995},{'https','imaps','pop3s'}) portrule = shortport.ssl
portrule = function( host, port )
return portfunction( host, port ) or port.version.service_tunnel == 'ssl'
end
hex2dec = function(hex) hex2dec = function(hex)