Re: [NSE Script] Skype v2 service detection

[Diman Todorov <diman.todorov () chello at>]

On Sep 11, 2006, at 1:55 AM, Matthew Boyle wrote:

> hi Diman,
>
> cool. :-)  though there is the complication that if -sV isn't  
> specified, port.service for 80/tcp will default to "http", making  
> the test fail even if the port actually is running skype.  (this  
> isn't a problem with 443/tcp, as one gives "https", and the other  
> "ssl/http")
>
> would i be right in thinking that you and Fyodor were discussing  
> forcing version detection on when NSE is selected (-sC == -sCV)?   
> if so, this would be another reason to go ahead with that idea!

In my current code base -sV implies --script=version. Scripts with  
the version tag provide
output in the version detection style instead the script scan style.  
The 'version' scripts
won't provide any script scan output even if their result is  
positive. The problem you mention
won't appear. There are following scenarios: -sV, -sC, -sCV. In the  
first scenario the script
will run and the service name will be nil, "" or 'unknown' so no  
problem. In the second the
script won't run because the service name will default to http or ssl/ 
http but it is no problem
since we don't want a version scan anyway. In the third scenario the  
behavior is the same as
in the first. So, no problem :)

cheers
Diman


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org