Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


Library shortport

Functions for building short portrules.

Since portrules are mostly the same for many scripts, this module provides functions for the most common tests.

Copyright© Same as Nmap--See http://nmap.org/book/man-legal.html

Source: http://nmap.org/svn/nselib/shortport.lua

Functions

http (host, port)

A portrule that matches likely HTTP services.

port_is_excluded (port, proto)

Check if the port and its protocol are in the exclude directive.

port_or_service (ports, services, protos, states)

Return a portrule that returns true when given an open port matching either a port number or service name.

portnumber (ports, protos, states)

Return a portrule that returns true when given an open port matching a single port number or a list of port numbers.

service (services, protos, states)

Return a portrule that returns true when given an open port with a service name matching a single service name or a list of service names.

ssl (host, port)

A portrule that matches likely SSL services.

version_port_or_service (ports, services, protos, states, rarity)

Return a portrule that returns true when given an open port matching either a port number or service name and has not been listed in the exclude port directive of the nmap-service-probes file. If version intensity is lesser than rarity value, portrule always returns false.



Functions

http (host, port)

A portrule that matches likely HTTP services.

Parameters

  • host: The host table to match against.
  • port: The port table to match against.

Usage:

portrule = shortport.http

Return value:

true if the port is likely to be HTTP, false otherwise.
port_is_excluded (port, proto)

Check if the port and its protocol are in the exclude directive.

Parameters

  • port: A port number.
  • proto: The protocol to match against, default "tcp".

Return value:

True if the port and protocol are in the exclude directive.
port_or_service (ports, services, protos, states)

Return a portrule that returns true when given an open port matching either a port number or service name.

This function is a combination of the portnumber and service functions. The port and service may be single values or a list of values as in those functions. This function exists because many scripts explicitly try to run against the well-known ports, but want also to run against any other port which was discovered to run the named service.

Parameters

  • ports: A single port number or a list of port numbers.
  • services: Service name or a list of names to run against.
  • protos: The protocol or list of protocols to match against, default "tcp".
  • states: A state or list of states to match against, default {"open", "open|filtered"}.

Usage:

portrule = shortport.port_or_service(22,"ssh").

Return value:

Function for the portrule.
portnumber (ports, protos, states)

Return a portrule that returns true when given an open port matching a single port number or a list of port numbers.

Parameters

  • ports: A single port number or a list of port numbers.
  • protos: The protocol or list of protocols to match against, default "tcp".
  • states: A state or list of states to match against, default {"open", "open|filtered"}.

Usage:

portrule = shortport.portnumber({80, 443})

Return value:

Function for the portrule.
service (services, protos, states)

Return a portrule that returns true when given an open port with a service name matching a single service name or a list of service names.

A service name is something like "http", "https", "smtp", or "ftp". These service names are determined by Nmap's version scan or (if no version scan information is available) the service assigned to the port in nmap-services (e.g. "http" for TCP port 80).

Parameters

  • services: Service name or a list of names to run against.
  • protos: The protocol or list of protocols to match against, default "tcp".
  • states: A state or list of states to match against, default {"open", "open|filtered"}.

Usage:

portrule = shortport.service("ftp")

Return value:

Function for the portrule.
ssl (host, port)

A portrule that matches likely SSL services.

Parameters

  • host: The host table to match against.
  • port: The port table to match against.

Usage:

portrule = shortport.ssl

Return value:

true if the port is likely to be SSL, false otherwise.
version_port_or_service (ports, services, protos, states, rarity)

Return a portrule that returns true when given an open port matching either a port number or service name and has not been listed in the exclude port directive of the nmap-service-probes file. If version intensity is lesser than rarity value, portrule always returns false.

This function is a combination of the port_is_excluded and port_or_service functions. The port, service, proto may be single values or a list of values as in those functions. This function can be used by version category scripts to check if a given port and its protocol are in the exclude directive and that version intensity is greater than or equal to the rarity value of the script.

Parameters

  • ports:
  • services: Service name or a list of names to run against.
  • protos: The protocol or list of protocols to match against, default "tcp".
  • states: A state or list of states to match against, default {"open", "open|filtered"}.
  • rarity: A minimum value of version script intensity, below which the function always returns false, default 7.

Usage

  • portrule = shortport.version_port_or_service(22)
  • portrule = shortport.version_port_or_service(nil, "ssh", "tcp")
  • portrule = shortport.version_port_or_service(nil, nil, "tcp", nil, 8)

Return value:

Function for the portrule.

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]