Nmap Development mailing list archives
Re: Tunnel information not always included in XML output
From: Matt Foster <mpf () netcraft com>
Date: Tue, 14 Feb 2012 10:28:52 +0000
On Tue Feb 14 03:54:47 2012, David Fifield wrote:
On Mon, Feb 13, 2012 at 11:00:07AM +0000, Matt Foster wrote:Hi All, I recently noticed that there's no tunnel information in Nmap's XML output when the service is 'ssl/unknown'. In these cases, there's no service tag in the output, so as a consequence there's no tunnel attribute set. A similar problem to this (but relating to text output) seems to have been fixed back in 2009, but I couldn't find any mention of issues like this relating to XML output. I've attached a very simple patch, to make sure there's a service tag whenever there's an identified SSL tunnel. It may not be the best way to fix this, but so far it seems to be working for me.What XML does it emit in the conditions you've identified?
We saw: <port protocol="tcp" portid="6801"><state state="open" reason="syn-ack" reason_ttl="51"/></port> without the patch, and then: <ports><port protocol="tcp" portid="6801"><state state="open" reason="syn-ack" reason_ttl="51"/><service name="unknown" tunnel="ssl" method="table" conf="3"/></port> With it. That said, I've been trying to replicate the issue using openssl s_server in order to send you a decent example, and I can't. Nmap behaves as it should, and reports the tunnel -- so this was probably cause by something else, rather than what I described above. Unfortunately, I no longer have access to the server I got those results from, so I can't check for any other oddities :( Cheers, Matt -- Dr Matt Foster Netcraft Ltd.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Tunnel information not always included in XML output Matt Foster (Feb 13)
- Re: Tunnel information not always included in XML output David Fifield (Feb 13)
- Re: Tunnel information not always included in XML output Matt Foster (Feb 14)
- Re: Tunnel information not always included in XML output David Fifield (Mar 30)
- Re: Tunnel information not always included in XML output Matt Foster (Feb 14)
- Re: Tunnel information not always included in XML output David Fifield (Feb 13)