Nmap Development mailing list archives

Re: [NSE] DRDA protocol


From: David Fifield <david () bamsoftware com>
Date: Wed, 11 Aug 2010 11:14:53 -0600

On Fri, Jul 23, 2010 at 12:19:36AM +0200, Patrik Karlsson wrote:
> Hi all,
>
> While looking at Informix 11.50 I realized that the database server has support for DRDA [1].
> DRDA is the protocol that I've implemented a small piece of in the db2.lua library which is used by db2-info and my db2-brute scripts.
> It turns out that both these scripts work great against Informix servers with a DRDA instance running.
>
> The db2-info script currently identifies Informix servers as DB2 servers and sets the service field to ibm-db2.
> I'm attaching a patch that allows it to detect both Informix and DB2 servers properly and sets the service field to drda instead.

--- scripts/db2-info.nse        (revision 19142)
+++ scripts/db2-info.nse        (arbetskopia)
@@ -29,8 +29,8 @@
 -- parseVersion was ripped from the old db2-info.nse written by Tom Sellers
 --

-portrule = shortport.version_port_or_service({50000,60000},
-                                            "ibm-db2", "tcp",
+portrule = shortport.version_port_or_service({50000,60000,9090},
+                                            {"drda"}, "tcp",
                                             {"open", "open|filtered"})
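
Review bot: in the portrule's service-name argument, "ibm-db2" is replaced by {"drda"} rather than kept alongside it, so a port that is only named ibm-db2 and is not 50000, 60000 or 9090 no longer selects this script. Listing both names, {"drda", "ibm-db2"}, keeps the old selection working until the service name is changed everywhere it is assigned. The port 9090 added to the port list also has no comment saying which server it is for; a one-line note above the portrule would make the reason for it clear.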

Do you recommend also changing the name of ports 523 and 50000 in
nmap-services from ibm-db2 to drda? If not, then the portrule should
also contain "ibm-db2" so the script can run without version detection.

> In order to reflect the change I propose the following name changes:
> db2.lua => drda.lua
> db2-info.nse => drda-info.nse
> db2-brute.nse => drda-brute.nse

This is fine with me. You can commit it. Also add the old names to
OLD_SCRIPT_NAMES in Makefile.in.

> I noticed that the db2-brute script fails to run against ports that are not specified in the port_or_services function.
> As far as I can tell the db2-info properly sets all detected fields, but I guess it does this "too late" for the db2-brute script to pick it up?
> I tried to add the db2-info script as a dependency for the db2-brute script without success.

I'm not sure why this happens. Maybe the setting of the version only has
an effect if the script is run through -sV, and not through ordinary
script scanning?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

