Nmap Custom Script Examples

From Xinux Wiki

Echt Koelnisch Wasser

Script

  • vi echtkoelnisch.nse
description = [[
Prüft, ob Port 4711 offen ist, und gibt eine Nachricht aus:
"Dies riecht nach Echt Kölnisch Wasser".
]]

author = "Thomas"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"default", "discovery"}

portrule = function(host, port)
  return port.number == 4711 and port.protocol == "tcp"
end

action = function(host, port)
  if port.state == "open" then
    return "Port 4711 offen. Dies riecht nach Echt Koelnisch Wasser!"
  end
end

Invocation

  • nmap --script ./echtkoelnisch.nse -p 4711 10.0.10.104
Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-10 14:14 CEST
Nmap scan report for opfer.secure.local (10.0.10.104)
Host is up (0.00093s latency).

PORT     STATE SERVICE
4711/tcp open  trinity-dist
|_echtkoelnisch: Port 4711 offen. Dies riecht nach Echt Koelnisch Wasser!
MAC Address: 08:00:27:70:6B:BA (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Nmap done: 1 IP address (1 host up) scanned in 0.27 seconds

Unencrypted Checkmk Agent

Script

  • vi checkmk-plain.nse
local nmap = require "nmap"

description = [[
Checks if an unencrypted Checkmk Agent is responding on port 6556.
If the header <<<check_mk>>> is found, it is considered a potential information disclosure vulnerability.
]]

author = "Thomas"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"default", "discovery", "vuln"}

portrule = function(host, port)
  return port.number == 6556 and port.protocol == "tcp"
end

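action = function(host, port)
  -- Open a plain TCP connection; an unencrypted agent sends its output unprompted
  local socket = nmap.new_socket()
  socket:set_timeout(3000)
  local status, err = socket:connect(host.ip, port.number)
  if not status then
    return "Connection failed: " .. err
  end

  -- Read at least one line of the response, then close the connection
  local data
  status, data = socket:receive_lines(1)
  socket:close()

  -- Plain-text search (no Lua pattern matching) for the agent header
  if status and data and data:find("<<<check_mk>>>", 1, true) then
    return "Unencrypted Checkmk Agent detected - potential information disclosure!"
  end
end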

Invocation

  • nmap -sV --script ./checkmk-plain.nse -p 6556 10.0.10.104
Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-10 14:26 CEST
Nmap scan report for userver.secure.local (10.0.10.104)
Host is up (0.0014s latency).

PORT     STATE SERVICE  VERSION
6556/tcp open  check_mk check_mk extension for Nagios 2.0.0p38
|_checkmk-plain: Unencrypted Checkmk Agent detected - potential information disclosure!
MAC Address: 08:00:27:23:0C:75 (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.51 seconds
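
To judge how much a plaintext agent flagged by checkmk-plain.nse actually exposes, the following added example (not part of the wiki page or of Checkmk) lists the section names and the check_mk header fields in a saved response. The function name and the sample output are constructed for illustration; the sample assumes the usual agent layout of `<<<name>>>` section headers followed by their lines.

```python
import re

# Constructed sample of plaintext agent output (not captured from a real host).
SAMPLE = (
    b"<<<check_mk>>>\n"
    b"Version: 2.0.0p38\n"
    b"AgentOS: linux\n"
    b"Hostname: userver\n"
    b"<<<df>>>\n"
    b"/dev/sda1 ext4 20511312 5123456 14322000 27% /\n"
    b"<<<ps:sep(0)>>>\n"
    b"(root,1234,567,0.0) /usr/sbin/sshd -D\n"
    b"<<<local:sep(0)>>>\n"
)

# Section header: <<<name>>> or <<<name:option(...)>>>; only the name is kept.
SECTION_RE = re.compile(r"^<<<([^>:]+)(?::[^>]*)?>>>\s*$")


def summarize_agent_output(raw: bytes) -> dict:
    """Summarize what a plaintext Checkmk agent response reveals."""
    lines = raw.decode("utf-8", errors="replace").splitlines()
    # Same criterion as the NSE script: the header must be in the first line.
    if not lines or "<<<check_mk>>>" not in lines[0]:
        return {"plaintext": False, "sections": [], "header": {}}
    sections, header, current = [], {}, None
    for line in lines:
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1)
            if current not in sections:
                sections.append(current)
        elif current == "check_mk" and ":" in line:
            # Key/value lines of the first section (version, OS, hostname).
            key, _, value = line.partition(":")
            header[key.strip()] = value.strip()
    return {"plaintext": True, "sections": sections, "header": header}


if __name__ == "__main__":
    print(summarize_agent_output(SAMPLE))
```
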