PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-02-08 06:26:33 +00:00
Code Issues Projects Releases Wiki Activity

New payload, probe, and matchline for Apple Remote Desktop

Browse Source
This commit is contained in:
dmiller
2017-11-30 04:20:24 +00:00
parent da5798da0f
commit eac495e3ad
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
nmap-service-probes
View File

@@ -15896,3 +15896,12 @@ Probe TCP LibreOfficeImpressSCPair q|LO_SERVER_CLIENT_PAIR\nNmap\n0000\n\n|
rarity 9
ports 1599
match impress-remote m|^LO_SERVER_VALIDATING_PIN\n$| p/LibreOffice Impress remote/ cpe:/a:libreoffice:libreoffice/
##############################NEXT PROBE##############################
# Apple Remote Desktop
Probe UDP ARD q|\0\x14\0\x01\x03|
rarity 8
ports 3283
# Need to figure out how this differs from some other versions
match netassistant m/\0\x01\x03\xea\x001\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x12\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0[^\0]([^\0]+)\0/s p/Apple Remote Desktop/ i/name: $P(1)/