New payload, probe, and matchline for Apple Remote Desktop

nmap-payloads

@@ -215,6 +215,9 @@ udp 2049
 # (relevant files: games.ini, packets.ini, freelancer.php)
 udp 2302 "\x00\x02\xf1\x26\x01\x26\xf0\x90\xa6\xf0\x26\x57\x4e\xac\xa0\xec\xf8\x68\xe4\x8d\x21"
 
+# Apple Remote Desktop (ARD)
+udp 3283 "\0\x14\0\x01\x03"
+
 # Sun Service Tag Discovery protocol (stdiscover)
 # http://arc.opensolaris.org/caselog/PSARC/2006/638/stdiscover_protocolv2.pdf
 # Would work better with a varying cookie; the second and later sends of this

nmap-service-probes

@@ -15896,3 +15896,12 @@ Probe TCP LibreOfficeImpressSCPair q|LO_SERVER_CLIENT_PAIR\nNmap\n0000\n\n|
 rarity 9
 ports 1599
 match impress-remote m|^LO_SERVER_VALIDATING_PIN\n$| p/LibreOffice Impress remote/ cpe:/a:libreoffice:libreoffice/
+
+##############################NEXT PROBE##############################
+# Apple Remote Desktop
+Probe UDP ARD q|\0\x14\0\x01\x03|
+rarity 8
+ports 3283
+
+# Need to figure out how this differs from some other versions
+match netassistant m/\0\x01\x03\xea\x001\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x12\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0[^\0]([^\0]+)\0/s p/Apple Remote Desktop/ i/name: $P(1)/