Nmap Development mailing list archives
[PATCH] Cleaner (and more) service version output and better error reporting
From: bmenrigh () ucsd edu
Date: Wed, 1 Apr 2009 21:02:01 -0700 (PDT)
[I apologize in advance for the poor quality of this email. I'm using a crappy webmail client.]

Developers,

Attached is a patch that slightly tweaks the product/version/info output you get when you scan a machine with -sV.

The need for this patch stems from the following error prints when too much data is matched from a probe:

    Warning: Servicescan failed to fill info_template (subjectlen: 1460). Too long? Match string was line 3513: v/Apache httpd/$1/$2

That error is slightly misleading. The problem is not with subjectlen being too long, it is that the i/.../ match template captured too much data (the current limit is 128 bytes). I have improved the error to include the length of the template and changed the text "Too long?" to "Capture exceeded length?".

The other issues fixed with this patch are that when the final version string is constructed, it is "[product] [version] ([extrainfo])" and the maximum size is currently 128 chars. If there isn't enough space to fit a template in the string, that template is dropped. This can result in a host print like this:

    PORT   STATE SERVICE REASON  VERSION
    80/tcp open  http    syn-ack Apache httpd 2.0.52

Notice that even though extra info was captured, it was not reported. This patch modifies the dropping to truncate instead. If there isn't enough room to report the full template, it is truncated to whatever will fit + "...". Here is an example:

    PORT   STATE SERVICE REASON  VERSION
    80/tcp open  http    syn-ack Apache httpd 2.0.52 ((Red Hat) mod_perl/1.99_16 Perl/v5.8.5 DAV/2 mod_jk/1.2.19...)

Fyodor and I agree that 128 chars is a little bit short when useful information is available, so I've increased the buffer to 160 chars. In the case of the host above, this is what is printed:

    PORT   STATE SERVICE REASON  VERSION
    80/tcp open  http    syn-ack Apache httpd 2.0.52 ((Red Hat) mod_perl/1.99_16 Perl/v5.8.5 DAV/2 mod_jk/1.2.19 PHP/4.3.9 mod_python/3.1.3 Python/2.3.4 mod_ssl/2.0.52 OpenSSL/0.9.7a)

Finally, sometimes the product is not captured or even not the product and not the version but extra info is captured. In these cases a leading space is always printed. For example: " (connection ok)". This patch makes sure spaces are only printed when they are needed to separate the templates.

I've tested this patch some but I'd like someone with a sharper eye for C/C++ to look it over.

Comments welcome,

Brandon
Attachment:
versionout.patch.txt
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
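The string assembly described in the message above, as an added sketch that is not part of the original post and is not the attached patch or Nmap's own code. The function names and the VERSION_BUF macro are hypothetical; only the "[product] [version] ([extrainfo])" layout, the "..." truncation marker and the 160-char size come from the post.

```c
#include <stdio.h>
#include <string.h>

#define VERSION_BUF 160  /* size the post settles on (was 128); name is hypothetical */

/* Append `s` to `out` (capacity `cap`, NUL included), wrapped in `pre`/`post`.
 * If the whole field does not fit, keep what fits of `s` and end it with
 * "..." instead of dropping the field. Returns 1 if anything was cut. */
static int append_field(char *out, size_t cap, const char *pre,
                        const char *s, const char *post) {
    size_t used = strlen(out);
    size_t fixed = strlen(pre) + strlen(post);
    size_t room = cap - 1 - used;            /* bytes left before the NUL */

    if (room >= fixed + strlen(s)) {         /* whole field fits */
        snprintf(out + used, cap - used, "%s%s%s", pre, s, post);
        return 0;
    }
    if (room < fixed + 3)                    /* no room even for "..." */
        return 1;
    size_t keep = room - fixed - 3;          /* bytes of `s` that still fit */
    snprintf(out + used, cap - used, "%s%.*s...%s", pre, (int)keep, s, post);
    return 1;
}

/* Build "[product] [version] ([extrainfo])". A separating space is emitted
 * only when an earlier field is present. Returns the number of cut fields. */
int build_version_string(char *out, size_t cap, const char *product,
                         const char *version, const char *extrainfo) {
    int cut = 0;
    out[0] = '\0';
    if (product && *product)
        cut += append_field(out, cap, "", product, "");
    if (version && *version)
        cut += append_field(out, cap, *out ? " " : "", version, "");
    if (extrainfo && *extrainfo)
        cut += append_field(out, cap, *out ? " (" : "(", extrainfo, ")");
    return cut;
}

int main(void) {
    char buf[VERSION_BUF];
    /* Constructed input: extra info only, so no leading space is printed. */
    build_version_string(buf, sizeof buf, NULL, NULL, "connection ok");
    printf("[%s]\n", buf);
    return 0;
}
```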