Create a shortport.ssl function like shortport.http. Use it in ssl

scripts.
2025-12-10 17:59:04 +00:00 · 2011-02-22 00:46:28 +00:00
parent 0b4de98d24
commit c3ab2d5ea4
4 changed files with 26 additions and 57 deletions
--- a/nselib/shortport.lua
+++ b/nselib/shortport.lua
@@ -164,3 +164,25 @@ end
 -- portrule = shortport.http
 http = shortport.port_or_service({80, 443, 631, 8080, 5800, 3872},
 	{"http", "https", "ipp", "http-alt", "vnc-http", "oem-agent"})
+
+local LIKELY_SSL_PORTS = {
+    443, 465, 587, 636, 989, 990, 992, 993, 994, 995, 5061, 6679, 6697, 8443
+}
+local LIKELY_SSL_SERVICES = {
+    "ftps", "ftps-data", "https", "https-alt", "imaps", "ircs",
+    "ldapssl", "pop3s", "sip-tls", "smtps", "telnets"
+}
+
+---
+-- A portrule that matches likely SSL services.
+--
+-- @param host The host table to match against.
+-- @param port The port table to match against.
+-- @return <code>true</code> if the port is likely to be SSL,
+-- <code>false</code> otherwise.
+-- @usage
+-- portrule = shortport.ssl
+function ssl(host, port)
+    return port.version.service_tunnel == "ssl" or
+        port_or_service(LIKELY_SSL_PORTS, LIKELY_SSL_SERVICES, "tcp", "sctp")
+end
--- a/scripts/ssl-cert.nse
+++ b/scripts/ssl-cert.nse
@@ -66,6 +66,7 @@ categories = { "safe", "discovery" }

 require("nmap")
 require("nsedebug")
+require("shortport")
 require("stdnse")

 local stringify_name
@@ -73,12 +74,10 @@ local date_to_string
 local table_find
 local s

-local LIKELY_SSL_PORTS = { 443, 465, 989, 990, 992, 993, 994, 995, 587, 8443 }
 local STARTTLS_PORTS = { 25, 587 }

 portrule = function(host, port)
-    return port.version.service_tunnel == "ssl"
-        or table_find(LIKELY_SSL_PORTS, port.number) or table_find(STARTTLS_PORTS, port.number)
+    return shortport.ssl(host, port) or table_find(STARTTLS_PORTS, port.number)
 end

 action = function(host, port)
--- a/scripts/ssl-enum-ciphers.nse
+++ b/scripts/ssl-enum-ciphers.nse
@@ -76,37 +76,6 @@ require("nmap")
 require("shortport")
 require("stdnse")

-local SSL_PORTS = {
-	443,
-	465,
-	587,
-	636,
-	989,
-	990,
-	992,
-	993,
-	994,
-	995,
-	5061,
-	6679,
-	6697,
-	8443
-}
-
-local SSL_SERVICES = {
-	"ftps",
-	"ftps-data",
-	"https",
-	"https-alt",
-	"imaps",
-	"ircs",
-	"ldapssl",
-	"pop3s",
-	"sip-tls",
-	"smtps",
-	"telnets"
-}
-
 -- Most of the values in the tables below are from:
 -- http://www.iana.org/assignments/tls-parameters/
 PROTOCOLS = {
@@ -735,24 +704,7 @@ local function try_protocol(host, port, protocol)
 	return results
 end

-portrule = function(host, port)
-	local is_ssl = shortport.port_or_service(SSL_PORTS, SSL_SERVICES)
-
-	-- This script only handles SSL/TLS over TCP.
-	if port.protocol ~= "tcp" then
-		return false
-	end
-
-	if port.version.service_tunnel == "ssl" then
-		return true
-	end
-
-	if is_ssl(host, port) then
-		return true
-	end
-
-	return false
-end
+portrule = shortport.ssl

 action = function(host, port)
 	local name, result, results
--- a/scripts/sslv2.nse
+++ b/scripts/sslv2.nse
@@ -21,11 +21,7 @@ categories = {"default", "safe"}

 require "shortport"

-local portfunction = shortport.port_or_service({443,993,995},{'https','imaps','pop3s'})
-
-portrule = function( host, port )
-  return portfunction( host, port ) or port.version.service_tunnel == 'ssl'
-end
+portrule = shortport.ssl

 hex2dec = function(hex)