Nmap custom script examples: Difference between revisions

From Xinux Wiki
Zeile 69: Zeile 69:
 
   end
 
   end
 
end
 
end
 +
</pre>
 +
==Aufruf==
 +
*nmap -sV --script ./checkmk-plain.nse  -p 6556 10.0.10.103
 +
<pre>
 +
Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-10 14:26 CEST
 +
Nmap scan report for userver.secure.local (10.0.10.103)
 +
Host is up (0.0014s latency).
 +
 +
PORT    STATE SERVICE  VERSION
 +
6556/tcp open  check_mk check_mk extension for Nagios 2.0.0p38
 +
|_checkmk-plain: Unencrypted Checkmk Agent detected - potential information disclosure!
 +
MAC Address: 08:00:27:23:0C:75 (PCS Systemtechnik/Oracle VirtualBox virtual NIC)
 +
 +
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
 +
Nmap done: 1 IP address (1 host up) scanned in 0.51 seconds
 
</pre>
 
</pre>
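Review bot: The added Aufruf section documents only the positive case and leaves the `-sV` flag unexplained. On the added `*nmap -sV --script ./checkmk-plain.nse  -p 6556 10.0.10.103` line, state whether `-sV` is required for the script or only supplies the VERSION column seen in the sample output, and add one sentence on what the result looks like when no `|_checkmk-plain:` line is printed, so readers do not read a missing line as proof that the agent is encrypted. The list item also has a doubled space before `-p` and no space after `*`.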

Revision as of 12:26, 10 August 2025

Echt Koelnisch Wasser

Script

  • vi echtkoelnisch.nse
description = [[
Prüft, ob Port 4711 offen ist, und gibt eine Nachricht aus:
"Dies riecht nach Echt Kölnisch Wasser".
]]

author = "Thomas"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"default", "discovery"}

portrule = function(host, port)
  return port.number == 4711 and port.protocol == "tcp"
end

action = function(host, port)
  if port.state == "open" then
    return "Port 4711 offen. Dies riecht nach Echt Koelnisch Wasser!"
  end
end

Invocation

  • nmap --script ./echtkoelnisch.nse -p 4711 10.0.10.104
Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-10 14:14 CEST
Nmap scan report for opfer.secure.local (10.0.10.104)
Host is up (0.00093s latency).

PORT     STATE SERVICE
4711/tcp open  trinity-dist
|_echtkoelnisch: Port 4711 offen. Dies riecht nach Echt Koelnisch Wasser!
MAC Address: 08:00:27:70:6B:BA (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Nmap done: 1 IP address (1 host up) scanned in 0.27 seconds

Checkmk agent unencrypted

Script

  • vi checkmk-plain.nse
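-- Load the NSE socket library explicitly instead of relying on a global.
local nmap = require "nmap"

description = [[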
Checks if an unencrypted Checkmk Agent is responding on port 6556.
If the header <<<check_mk>>> is found, it is considered a potential information disclosure vulnerability.
]]

author = "Thomas"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"default", "discovery", "vuln"}

portrule = function(host, port)
  return port.number == 6556 and port.protocol == "tcp"
end

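action = function(host, port)
  local socket = nmap.new_socket()
  socket:set_timeout(3000)  -- milliseconds
  local status, err = socket:connect(host.ip, port.number)
  if not status then
    return "Connection failed: " .. err
  end

  -- Read at least one line of whatever the service sends after connect.
  local data
  status, data = socket:receive_lines(1)
  socket:close()

  -- Plain find (4th argument true): match the header literally, not as a Lua pattern.
  if status and data and data:find("<<<check_mk>>>", 1, true) then
    return "Unencrypted Checkmk Agent detected - potential information disclosure!"
  end
  -- No header seen: return nothing, so Nmap prints no script line for this port.
end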

Invocation

  • nmap -sV --script ./checkmk-plain.nse -p 6556 10.0.10.103
Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-10 14:26 CEST
Nmap scan report for userver.secure.local (10.0.10.103)
Host is up (0.0014s latency).

PORT     STATE SERVICE  VERSION
6556/tcp open  check_mk check_mk extension for Nagios 2.0.0p38
|_checkmk-plain: Unencrypted Checkmk Agent detected - potential information disclosure!
MAC Address: 08:00:27:23:0C:75 (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.51 seconds
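
To make the "potential information disclosure" finding concrete during triage, the following added example (not part of the wiki page or of Nmap) parses agent output that was captured from a flagged host and lists what it exposes. The function names and the sample capture are constructed for illustration; the `<<<name>>>` header format is the one the script above matches on.

```python
import re

# Section header as sent by a plain-text agent, e.g. <<<check_mk>>> or <<<ps:sep(0)>>>.
HEADER = re.compile(r"^<<<([^>:]*)(?::[^>]*)?>>>\s*$")

# Constructed sample capture (not real host data).
SAMPLE = b"""<<<check_mk>>>
Version: 2.0.0p38
AgentOS: linux
Hostname: userver
<<<df>>>
/dev/sda1 ext4 20511312 5120000 14326000 27% /
<<<ps:sep(0)>>>
(root,1234,5678,00:00:01/01:00,1) /usr/sbin/sshd -D
"""

def parse_sections(raw: bytes) -> dict:
    """Split captured agent output into {section name: [lines]}."""
    sections, current = {}, None
    for line in raw.decode("utf-8", errors="replace").splitlines():
        match = HEADER.match(line)
        if match:
            current = match.group(1) or None  # an empty header ends the section
            if current is not None:
                sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections

def assess(raw: bytes) -> dict:
    """Report whether the capture is plain-text agent output and what it reveals."""
    sections = parse_sections(raw)
    if "check_mk" not in sections:
        # TLS records, encrypted payloads or an empty read carry no readable header.
        return {"plaintext_agent": False, "agent_info": {}, "exposed_sections": []}
    info = {}
    for line in sections["check_mk"]:
        key, sep, value = line.partition(":")
        if sep:
            info[key.strip()] = value.strip()
    exposed = sorted(name for name in sections if name != "check_mk")
    return {"plaintext_agent": True, "agent_info": info, "exposed_sections": exposed}

if __name__ == "__main__":
    print(assess(SAMPLE))
```

The section list tells the asset owner which data categories are readable by anyone who can reach port 6556, which helps prioritise enabling encryption or restricting access to the monitoring server.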