Nmap Development mailing list archives
Re: msrpc-info.nse script
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 14 Apr 2014 14:52:07 -0500
On 04/14/2014 02:41 PM, Mike . wrote:
As Ron pointed out in your previous thread (http://seclists.org/nmap-dev/2014/q2/88), the support for MSRPC on port 135 has not been added. We welcome patches to introduce this support!ok. so i did find it under the name i just posted ( i was searching for something RPC related) i am a bit confused, however. i just ran it against myself and i know 135 is listening because i can use rpcdump and see the listening pipe contents. however with this script i just ran above i see NOTHING. looking closer at the script, i see it uses 445 as the connecting port. can i ask why? i am fully aware of the whole relationship between rpc/smb and how they talk to each other. i ask this because i do not have 445 running AT ALL on this machine and i can use the port 135 rpcdump tool with no problems. is this script bound by connecting to 445? this is my output with the script thrown: C:\>nmap -P0 -n -v -sT -T4 -reason -e eth0 -p 135 -script=msrpc-enum.nse 192.1.0.16 Starting Nmap 6.45 ( http://nmap.org ) at 2014-04-14 14:32 Central Daylight Ti NSE: Loaded 1 scripts for scanning.NSE: Script Pre-scanning.Initiating Connect Scan at 14:32Scanning 192.168.0.16 [1 port]Discovered open port 135/tcp on 192.168.0.16Completed Connect Scan at 14:32, 0.01s elapsed (1 total ports)NSE: Script scanning 192.168.0.16.Nmap scan report for 192.168.0.16Host is up, received user-set (0.0050s latency).PORT STATE SERVICE REASON135/tcp open msrpc syn-ack NSE: Script Post-scanning.Read data files from: C:\Program Files\NmapNmap done: 1 IP address (1 host up) scanned in 1.26 seconds script trace turned on shows NOTHING sent at all. explanations? thank youm|ke _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
DanP.S. You may want to update the address of this mailing list in your mail client. We are now at dev () nmap org.
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- re:msrpc-info.nse script Mike . (Apr 14)
- Re: msrpc-info.nse script Daniel Miller (Apr 14)