|
33. Q4'2007 Nmap Updates |
The fourth quarter of 2007 was big for Nmap. We had the first stable release in over a year: 4.50! I integrated many of your fingerprints for that release so some of the entries described here will be supported there. For the latest and greatest, you can find the probes file here or in the Nmap SVN repository. Thanks to everyone who submitted fingerprints, and keep em coming! The HP166XC Logic Analyzer developers seemed to have misinterpreted a field when setting up this ftpd (see the email address we're supposed to direct comments to). ---------- Help ---------- "220 HP166XC V01\.00 FUSION FTP server \(Version 3\.3\) ready\.\r\n214-The following commands are recognized \(\* =>'s unimplemented\)\.\r\n USER PORT RETR MSND\* ALLO\* DELE SITE\* MKD XCUP \n PASS\* PASV\* STOR MSOM\* REST\* CWD STAT\* XRMD CDUP \n ACCT\* TYPE APPE\* MSAM\* RNFR\* XCWD HELP RMD XDLS \n REIN\* STRU\* MLFL\* MRSQ\* RNTO\* LIST NOOP XPWD \n QUIT MODE MAIL\* MRCP\* ABOR\* NLST XMKD PWD \n214 Direct comments to ftp-bugs@ HP166XC V01\.00\.\r\n" These HP Logic Analyzers are strange devices. The HP 1662C seems to echo the data backwards! Port 818-TCP V=4.11 ---------- GenericLines ---------- "\r\n\r\x1f\r\n" ---------- GetRequest ---------- "\r\n\r0\.1/PTTH / TEG!\r\n" ---------- HTTPOptions ---------- "\r\n\r0\.1/PTTH / SNOITPO%\r\n" VMS, still alive and kicking (ah, fond memories.. The first time I used the internet it was on a VMS VAX). match ftp m|^211 Hello \[[\w-_.]+\], Secure/IP Authentication Server ([\w-_.]+) at your service\.\r\n| p|OpenVMS Secure/IP ftpd| v/$1/ o/OpenVMS/ Always fun to see protocols using non-English languages. Senha is Portugese for "password": ---------- GetRequest ---------- "\xff\xfd\x01\xff\xfd\x1f\xff\xfd!\xff\xfb\x01\xff\xfb\x03\r\r\nGET / HTTP/1\.0\r\n\r\n\x1b\[H\x1b\[JLogin: \[: /: unknown operand\r\nSenha: \[: /: unknown operand\r\n\x1b\[H\x1b\[JLogin: " And this unknown SMTPd is, I think, Italian. ---------- NULL ---------- "220 Server di posta generico\. Wed, 14 Nov 2007 10:28:56 \+0100\r\n" Another amusing (maybe it's just me?) language observation. Look at this product name: "DocuCentre Color". "Centre" is spelled british and "color" is spelled american. D'oh! match http m|^HTTP/1\.1 \d\d\d .*\r\nDocuCentre Color (\d+) -|s p/Fuji Xerox DocuCentre Color $1 http config/ d/printer/ Another WAP that proudly announces its default password to the world. Does anybody care about wireless security? (not Schneier!) match http m|^HTTP/1\.0 \d\d\d .*Server: Boa/([\w-_.]+) \(with Intersil Extensions\)\r\nConnection: close\r\nWWW-Authenticate: Basic realm=\"CONNECT2AIR AP-600RP-USB LOGIN Enter Password \(default is connect\)\"\r\n|s p/Fujitsu Siemens CONNECT2AIR AP-600RP-USB WAP http config/ d/WAP/ i/Boa httpd $1; default passwd "connect"/ And, of course, the gallery of funny or otherwise noteworthy submissions:
|