Nmap Development mailing list archives
Re: BackOrifice service probe
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Thu, 7 Apr 2011 04:54:50 +0300
I don't think it works against password-protected servers. A password-protected server would not send anything in response to this probe, as the server would try to decrypt the probe using the password, and it would decrypt into nonsense. The key space is small, so this might not be the whole story. If you had bad luck, you might pick a password that creates the same cipher text that the default encryption does (I'd need to verify this to be sure). In that case the server would accept both clients that use the correct password, and clients that do not use a password.

On Thu, Apr 7, 2011 at 3:54 AM, David Fifield <david () bamsoftware com> wrote:
> On Thu, Apr 07, 2011 at 01:26:39AM +0200, Gorjan Petrovski wrote:
>> I've attached a file containing the updated BackOrifice with much more information. I hope it's enough. I wasn't sure if I should include the information in the mail or in the file. I've set the match rule to recognize the server which I'm using at the moment. It uses the maximum available characters which can be reliably used and using those it recognizes version 1.20.
>
> One more question before I add this: Does the probe work against servers that have a password set?
>
> David Fifield
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/