Nmap Development mailing list archives
Re: Services matched by script--show a service fingerprint?
From: David Fifield <david () bamsoftware com>
Date: Thu, 31 Mar 2011 20:11:29 -0700
On Sun, Mar 27, 2011 at 02:39:03PM -0700, David Fifield wrote:
Dhruval Gandhi's screenshot at http://seclists.org/nmap-dev/2011/q1/1014 shows port 80 being matched as skype2 by the skypev2-version.nse script, but a service fingerprint is being shown anyway. We usually get a bunch of Skype service submissions in each batch, which I have to ignore because service detection can't match it (that's what skypev2-version.nse is for, after all). I thought that perhaps the script was failing for some reason, but now I see that if a service produces output, it can cause a fingerprint to be displayed even when a script later matches the service. Should it work this way? How about hiding the fingerprint (and request to submit it) when a service is hardmatched by NSE?
Okay, we've had some agreement that the fingerprint shouldn't be shown in this case. I'm going to suggest that this would make a good starter task for a feature creeper / bug wrangler in the Summer of Code. So, you applicants, this is a nice easy problem to analyze and solve. First, you need to find where the service fingerprint is printed, then look at the conditions that make it be printed or not, and modify the condition so that it is false when there is a service match from a script. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Services matched by script--show a service fingerprint? David Fifield (Mar 27)
- RE: Services matched by script--show a service fingerprint? Rob Nicholls (Mar 27)
- Re: Services matched by script--show a service fingerprint? Fyodor (Mar 31)
- Re: Services matched by script--show a service fingerprint? David Fifield (Mar 31)