Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: msrpc-info.nse script

From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 14 Apr 2014 14:52:07 -0500
On 04/14/2014 02:41 PM, Mike . wrote:

ok. so i did find it under the name i just posted ( i was searching for something RPC related) i am a bit confused, 
however. i just ran it against myself and i know 135 is listening because i can use rpcdump and see the listening pipe 
contents. however with this script i just ran above i see NOTHING. looking closer at the script, i see it uses 445 as 
the connecting port. can i ask why? i am fully aware of the whole relationship between rpc/smb and how they talk to 
each other. i ask this because i do not have 445 running AT ALL on this machine and i can use the port 135 rpcdump tool 
with no problems. is this script bound by connecting to 445?
this is my output with the script thrown:
C:\>nmap -P0 -n -v -sT -T4 -reason -e eth0 -p 135 -script=msrpc-enum.nse 192.1.0.16
Starting Nmap 6.45 ( http://nmap.org ) at 2014-04-14 14:32 Central Daylight Ti
NSE: Loaded 1 scripts for scanning.NSE: Script Pre-scanning.Initiating Connect Scan at 14:32Scanning 192.168.0.16 [1 
port]Discovered open port 135/tcp on 192.168.0.16Completed Connect Scan at 14:32, 0.01s elapsed (1 total ports)NSE: 
Script scanning 192.168.0.16.Nmap scan report for 192.168.0.16Host is up, received user-set (0.0050s latency).PORT    
STATE SERVICE REASON135/tcp open  msrpc   syn-ack
NSE: Script Post-scanning.Read data files from: C:\Program Files\NmapNmap done: 1 IP address (1 host up) scanned in 
1.26 seconds


script trace turned on shows NOTHING sent at all. explanations?

thank youm|ke                                   
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
As Ron pointed out in your previous thread (http://seclists.org/nmap-dev/2014/q2/88), the support for MSRPC on port 135 has not been added. We welcome patches to introduce this support! 

Dan
P.S. You may want to update the address of this mailing list in your mail client. We are now at dev () nmap org. 
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: