Nmap Development mailing list archives
[NSE] Lantronix SLC addition to http-default-accounts-fingerprints
From: nnposter () users sourceforge net
Date: Fri, 22 Aug 2014 23:36:25 +0000
The following patch adds a fingerprint for Lantronix SLC(*) web UI to http-default-accounts-fingerprints.lua. Tested on SLC48 with firmware versions 5.5 and 6.1. * http://www.lantronix.com/it-management/console-servers/slc.html PORT STATE SERVICE REASON 443/tcp open https syn-ack |_http-default-accounts: [Lantronix SLC] credentials found -> sysadmin:PASS Path:/scsnetwork.htm As a side note, I have also developed fingerprints for Dell ERA and DRAC4 but their SSL stack does not get along with nmap. They really work only over SSLv3, despite happily agreeing to TLSv1, and they are too slow for the hard-coded timeouts in http.pipeline_go(). Cheers, nnposter Patch against revision 33595 follows: --- nselib/data/http-default-accounts-fingerprints.lua.orig 2014-08-22 16:14:17.083451100 -0600 +++ nselib/data/http-default-accounts-fingerprints.lua 2014-08-22 16:15:58.795451100 -0600 @@ -314,3 +314,27 @@ return try_http_basic_login(host, port, path, user, pass, true) end }) + +--- +--Remote consoles +--- +table.insert(fingerprints, { + name = "Lantronix SLC", + category = "console", + paths = { + {path = "/scsnetwork.htm"} + }, + target_check = function (host, port, path, response) + return response.status == 200 + and response.header["server"] + and response.header["server"]:find("^mini_httpd") + and response.body + and response.body:find("<title>Lantronix SLC",1,true) + end, + login_combos = { + {username = "sysadmin", password = "PASS"} + }, + login_check = function (host, port, path, user, pass) + return try_http_post_login(host, port, path, "./", "%sname%s*=%s*(['\"]?)slcpassword%1[%s>]", {slclogin=user, slcpassword=pass}) + end +}) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Lantronix SLC addition to http-default-accounts-fingerprints nnposter (Aug 22)
- <Possible follow-ups>
- [NSE] Lantronix SLC addition to http-default-accounts-fingerprints nnposter (Sep 05)