
nessus-plugins/plugins/find_service find_service.c,1.94,1.95
Update of /usr/local/cvs/nessus-plugins/plugins/find_service
In directory raccoon.nessus.org:/tmp/cvs-serv79323

Modified Files:
find_service.c
Log Message:
o Added signatures thanks to Kent Engstrom (kent@unit.liu.se) :
- LysKOM servers
- FTP servers with a long greeting banner (starting with 220-)
- NetPresenz FTP servers
- PH servers
- Improved PostgreSQL
- Improved lpd



Index: find_service.c
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/plugins/find_service/find_service.c,v
retrieving revision 1.94
retrieving revision 1.95
diff -u -d -r1.94 -r1.95
--- find_service.c 9 Jan 2003 12:47:13 -0000 1.94
+++ find_service.c 14 Jan 2003 17:51:36 -0000 1.95
@@ -302,11 +302,16 @@

int port, trp;
char * buffer;
{
- char* ban = emalloc(255);
register_service(desc, port, "ftp");
+
+ if(buffer != NULL)
+ {
+ char ban[255];
sprintf(ban, "ftp/banner/%d", port);
plug_set_key(desc, ban, ARG_STRING, buffer);
- efree(&ban);
+ }
+
+ if(buffer != NULL)
{
char * report = emalloc(255 + strlen(buffer));
char *t = strchr(buffer, '\n');
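Review bot: The two back-to-back `if(buffer != NULL)` blocks in mark_ftp_server test the same condition and could be merged into one, which would also make the new NULL-buffer contract easier to see. Nothing in the function states that `buffer` may now be NULL; I would add `/* buffer may be NULL when no usable banner line is available; the ftp/banner/<port> key is then not set */` above the first check. The function's signature and the remainder of the report branch lie outside this hunk.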
@@ -317,6 +322,13 @@

post_note(desc, port, report);
efree(&report);
}
+ else
+ {
+ char report[255];
+ sprintf(report, "An FTP server is running on this port%s.",
+ get_encaps_through(trp));
+ post_note(desc, port, report);
+ }
}

void
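Review bot: The `sprintf` into `char report[255]` in the new else branch is unbounded. The length of the string returned by `get_encaps_through(trp)` is not visible here, so the stack buffer is only safe if that helper always returns something short. I would write `snprintf(report, sizeof(report), "An FTP server is running on this port%s.", get_encaps_through(trp));` so that a longer suffix is truncated rather than written past the array. The same pattern with `char tmp[255]` appears in mark_lpd_server, mark_lyskom_server and mark_ph_server in the `@@ -608,7 +620,38 @@` hunk; mark_ftp_server itself begins outside this hunk.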
@@ -598,7 +610,7 @@

}


-/* Actually, this is Solaris (or SysV ?) lpd */
+
static void
mark_lpd_server(desc, port, banner, trp)
struct arglist *desc;
@@ -608,7 +620,38 @@

char tmp[255];

register_service(desc, port, "lpd");
- sprintf(tmp, "A SysV LPD server seems to be running on this port%s",
+ sprintf(tmp, "A LPD server seems to be running on this port%s",
+ get_encaps_through(trp));
+ post_note(desc, port, tmp);
+}
+
+
+/* http://www.lysator.liu.se/lyskom/lyskom-server/ */
+static void
+mark_lyskom_server(desc, port, banner, trp)
+ struct arglist *desc;
+ const char *banner;
+ int port, trp;
+{
+ char tmp[255];
+
+ register_service(desc, port, "lyskom");
+ sprintf(tmp, "A LysKOM server seems to be running on this port%s",
+ get_encaps_through(trp));
+ post_note(desc, port, tmp);
+}
+
+/* http://www.emailman.com/ph/ */
+static void
+mark_ph_server(desc, port, banner, trp)
+ struct arglist *desc;
+ const char *banner;
+ int port, trp;
+{
+ char tmp[255];
+
+ register_service(desc, port, "ph");
+ sprintf(tmp, "A PH server seems to be running on this port%s",
get_encaps_through(trp));
post_note(desc, port, tmp);
}
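Review bot: `banner` is declared as a parameter of mark_lyskom_server and mark_ph_server but is never read, so the reply that identified the service is discarded. If that is intended, a comment such as `/* banner is unused: only the service name is registered */` would say so. Otherwise consider recording it the way mark_ftp_server does with `plug_set_key`, so the banner is available to whatever consumes these keys. mark_lpd_server's opening lines are outside this hunk.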
@@ -1253,19 +1296,20 @@


else if((!strncmp(line, "hhost '", 7) || !strncmp(line, "whost '", 7)) && strstr(line, "mysql"))
mark_mysql(desc, port, origline, trp);
- else if(!strncmp(line, "efatal ", 7))
+ else if(!strncmp(line, "efatal", 6) || !strncmp(line, "einvalid packet length", strlen("einvalid packet length")))
mark_postgresql(desc, port, origline, trp);
else if(!strncmp(line, "cvs [pserver aborted]:", 22))
mark_cvspserver(desc, port, origline, trp);
else if(!strncmp(line, "@rsyncd", 7))
mark_rsyncd(desc, port, origline, trp);
-
else if((len == 4) && may_be_time((time_t*)banner))
mark_time_server(desc, port, banner, trp);
else if(strstr(buffer, "rmserver")||strstr(buffer, "realserver"))
mark_rmserver(desc, port, origline, trp);
- else if(strstr(line, "ftp") && !strncmp(line, "220", 3))
+ else if((strstr(line, "ftp") || strstr(line, "netpresenz")) && !strncmp(line, "220", 3))
mark_ftp_server(desc, port, origline, trp);
+ else if(strncmp(line, "220-", 4) == 0) /* FTP server with a long banner */
+ mark_ftp_server(desc, port, NULL, trp);
else if(strstr(line, "ssh-"))
mark_ssh_server(desc, port, origline);
else if(!strncmp(line, "+ok", 3) || (!strncmp(line, "+", 1) && strstr(line, "pop")))
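Review bot: The new `strncmp(line, "220-", 4) == 0` branch registers any service whose greeting starts with `220-` as FTP, but SMTP servers also send multi-line `220-` greetings. A mail server could therefore be recorded as "ftp" unless an earlier branch has already claimed it, and the rest of the else-if chain is outside this hunk, so that ordering cannot be confirmed here. Consider placing this branch after the SMTP checks, or requiring an FTP hint in a later banner line before calling mark_ftp_server with a NULL banner. The loosened `"efatal", 6` prefix also matches more input than the old `"efatal ", 7`; a short comment naming the PostgreSQL replies it is meant to cover would document why.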
@@ -1322,8 +1366,13 @@

mark_vtun_server(desc, port, banner, trp);
else if(strcmp(line, "login: password: ") == 0)
mark_uucp_server(desc, port, banner, trp);
- else if(strstr(line, "invalid protocol request (71): gget / http/1.0"))
+ else if(strstr(line, "invalid protocol request (71): gget / http/1.0") ||
+ (strncmp(line, "lpd:", 4) == 0))
mark_lpd_server(desc, port, banner, trp);
+ else if(strstr(line, "%%lyskom unsupported protocol"))
+ mark_lyskom_server(desc, port, banner, trp);
+ else if(strstr(line, "598:get:command not recognized"))
+ mark_ph_server(desc, port, banner, trp);
else if(((p = strstr(banner, "finger: GET: no such user")) != NULL &&