Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Valve Steam In-Home Streaming gaming software probe / match with additional nse starter file

From: Kristian Erik Hermansen <kristian.hermansen () gmail com>
Date: Thu, 23 Apr 2015 07:03:08 -0700
On Thu, Apr 23, 2015 at 5:46 AM, Daniel Miller <bonsaiviking () gmail com> wrote:

Ah yes, this is because there is no match line, so probing continues. Since
the SSLSessionReq probe matches, we know that a service fingerprint will not
be displayed. I think you could get around this by adding
--version-intensity 0, which would send only the Null probe and any probes
that have 27036 in the "ports" line.


That worked.


This is what I expected: the PSK identity hint contains some information to
identify the service you're connecting to. This is how the client would
retrieve the appropriate pre-shared key for the service, if it were
configured to connect to multiple services with different keys.
Unfortunately, you haven't given enough of the packet to make a fingerprint.
You can either use the --version-intensity 0 option like I suggested above,
or you can just give the full packet dump from this command without the
-seek 0x5a -l 5 options.


I submitted the new TCP fingerprint into the nmap database online. You
should be able to find one UDP fingerprint and one TCP fingerprint
each relating to steam to help with further integration into nmap. Let
me know if you are unable to see the submitted entries in the database
for some reason...
-- 
Regards,

Kristian Erik Hermansen
https://www.linkedin.com/in/kristianhermansen
https://google.com/+KristianHermansen
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: