Scripts
| amqp-info |
Gathers information (a list of all server properties) from an AMQP (advanced message queuing protocol) server. |
| cccam-version |
Detects the CCcam service (software for sharing subscription TV among multiple receivers). |
| db2-das-info |
Connects to the IBM DB2 Administration Server (DAS) on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. |
| drda-info |
Attempts to extract information from database servers supporting the DRDA protocol. The script sends a DRDA EXCSAT (exchange server attributes) command packet and parses the response. |
| iax2-version |
Detects the UDP IAX2 service. |
| ike-version |
Get information from an IKE service. Tests the service with both Main and Aggressive Mode. Sends multiple transforms in a single request, so currently, only four packets are sent to the host. |
| jdwp-version |
Detects the Java Debug Wire Protocol. This protocol is used by Java programs to be debugged via the network. It should not be open to the public Internet, as it does not provide any security against malicious attackers who can inject their own bytecode into the debugged process. |
| maxdb-info |
Retrieves version and database information from a SAP Max DB database. |
| mcafee-epo-agent |
Check if ePO agent is running on port 8081 or port identified as ePO Agent port. |
| murmur-version |
Detects the Murmur service (server for the Mumble voice communication client) version 1.2.0 and above. |
| ndmp-version |
Retrieves version information from the remote Network Data Management Protocol (ndmp) service. NDMP is a protocol intended to transport data between a NAS device and the backup device, removing the need for the data to pass through the backup server. The following products are known to support the protocol:
|
| netbus-version |
Extends version detection to detect NetBuster, a honeypot service that mimes NetBus. |
| openlookup-info |
Parses and displays the banner information of an OpenLookup (network key-value store) server. |
| ovs-agent-version |
Detects the version of an Oracle Virtual Server Agent by fingerprinting responses to an HTTP GET request and an XML-RPC method call. |
| pptp-version |
Attempts to extract system information from the point-to-point tunneling protocol (PPTP) service. |
| quake3-info |
Extracts information from a Quake3 game server and other games which use the same protocol. |
| rpc-grind |
Fingerprints the target RPC port to extract the target service, RPC number and version. |
| skypev2-version |
Detects the Skype version 2 service. |
| stun-version |
Sends a binding request to the server and attempts to extract version information from the response, if the server attribute is present. |
| ventrilo-info |
Detects the Ventrilo voice communication server service versions 2.1.2 and above. Some of the older versions (pre 3.0.0) may not have the UDP service this probe relies on enabled by default. |
| wdb-version |
Detects vulnerabilities and gathers information (such as version numbers and hardware support) from VxWorks Wind DeBug agents. |
| xmpp-info |
Connects to XMPP server (port 5222) and collects server information such as: supported auth mechanisms, compression methods, whether TLS is supported and mandatory, stream management, language, support of In-Band registration, server capabilities. If possible, studies server vendor. |