Nmap Development mailing list archives

Re: nse script development


From: Richard Lam <richlam.dev () gmail com>
Date: Thu, 29 Aug 2019 00:00:06 -0700

Hi David,

I have a preliminary working version of the script, based only on Ubuntu SSH
default banners, from 4.10 to 19.04.  The OpenSSH version + portable number
+ build number uniquely identifies the Ubuntu distribution.  In all cases,
except one, the string "[uU]buntu" is embedded in the default SSH banner.

My intention is to expand this service (OS) detection to FreeBSD, Debian,
and possibly Raspbian, again only via SSH.  Like Ubuntu, these
distributions have their respective name embedded in the default SSH banner.

The utilization of the Apache (httpd) service will become necessary for
many other distributions, such as Red Hat, CentOS, OpenBSD, where the
default SSH banner does not identify the OS.  This would become a future
feature.

The question is:  How many different detected distributions is the
threshold for potential acceptance to nmap?  This deviates from the
original requirement to use httpd service in conjunction with SSH; however,
given that it's not necessary for all distributions...  Thoughts?

thanks,
Richard



On Thu, 22 Aug 2019 at 15:36, Richard Lam <richlam.dev () gmail com> wrote:

Awesome. Thank you for the information and quick response!

Richard

On Thu., Aug. 22, 2019, 15:34 David Fifield, <david () bamsoftware com>
wrote:

On Thu, Aug 22, 2019 at 03:20:37PM -0700, Richard Lam wrote:
I would like to make an attempt at writing a solution for the NSE script
service-os script, from the nmap/script ideas page.

A few questions:

1) Is anyone already working on this?
2) Are there additional suggestions for OS version detection other than
services from Apache (httpd) and OpenSSH?
3) Any additional information I should consider?

1) No one is working on it, as far as I know.

2) I would suggest starting with those two ports, and seeing how far
they can take you.

3) At packages.ubuntu.com (or packages.debian.org) you can see what
version numbers are part of which distributions. So for example at
https://packages.ubuntu.com/disco/apache2 you see in the header
        [xenial] [bionic] [cosmic] [disco] [eoan]
and you can click on them to see what version number goes with each.
There's also a changelog to see when other version numbers for the
distribution may have been.

You could test by running past live CDs in VMs.
http://releases.ubuntu.com/


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
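
The banner check described at the top of this thread (OpenSSH version + portable number + build number, plus the "[uU]buntu" marker), as an added Python example that is not code from the thread or from any Nmap script. The function names are hypothetical, and the release table is a small subset assumed from commonly seen default Ubuntu banners; confirm each entry against packages.ubuntu.com before relying on it.

```python
import re

# SSH identification string (RFC 4253 section 4.2):
#   SSH-<proto>-<software>[ SP <comments>] CR LF
BANNER_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-OpenSSH_(?P<version>\d+(?:\.\d+)+)"
    r"(?:p(?P<portable>\d+))?(?:\s+(?P<comment>\S.*))?$"
)
# Distribution comment such as "Ubuntu-4ubuntu0.3": vendor tag, then build number.
BUILD_RE = re.compile(r"^(?P<vendor>[A-Za-z]+)-(?P<build>\d+)")

# ASSUMPTION: illustrative subset keyed on (version, portable, build);
# verify every row against the package changelogs before use.
UBUNTU_RELEASES = {
    ("7.9", "1", "10"): ("disco", "19.04"),
    ("7.6", "1", "4"): ("bionic", "18.04"),
    ("7.2", "2", "4"): ("xenial", "16.04"),
    ("6.6.1", "1", "2"): ("trusty", "14.04"),
}

def parse_banner(line):
    """Split an OpenSSH banner into its fields; None if it is not OpenSSH."""
    m = BANNER_RE.match(line.strip())
    if not m:
        return None
    fields = m.groupdict()
    b = BUILD_RE.match(fields["comment"] or "")
    fields["build"] = b.group("build") if b else None
    return fields

def ubuntu_release(line):
    """Return (codename, release) for a default Ubuntu banner, else None."""
    f = parse_banner(line)
    if not f or not f["build"]:
        return None  # no distribution comment, so the banner alone is not enough
    # The same triple can appear on another distribution, so the
    # "[uU]buntu" marker is checked before the table lookup.
    if not re.search(r"[uU]buntu", f["comment"]):
        return None
    return UBUNTU_RELEASES.get((f["version"], f["portable"], f["build"]))

# Constructed sample banners, not captured from any host.
SAMPLES = [
    "SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3\r\n",
    "SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2\r\n",
    "SSH-2.0-OpenSSH_7.4\r\n",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s.strip()), "->", ubuntu_release(s))
```

The second sample shares its (version, portable, build) triple with a table row but lacks the Ubuntu marker, and the third carries no distribution comment at all, which is the case the thread proposes to cover with the httpd service.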