File rpc-grind

Script types: portrule
Categories: version
Download: http://nmap.org/svn/scripts/rpc-grind.nse

User Summary

Fingerprints the target RPC port to extract the target service, RPC number and version.

The script works by sending RPC Null call requests with a random, high, unsupported version number to the target service, iterating over the RPC program numbers from the nmap-rpc file and checking for replies from the target port. A reply with RPC accept state 2 (Remote can't support version) means that the request carried the matching program number, and the script proceeds to extract the supported versions. A reply with RPC accept state 1 (remote hasn't exported program) means that the request carried an incorrect program number. Any other accept state is incorrect behaviour.
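The reply classification described above, as an added Python example (not rpc-grind's own Lua code). The function names and sample bytes are constructed for illustration, and the layout assumes UDP framing, with no TCP record marker in front of the message.

```python
import struct

PROG_UNAVAIL, PROG_MISMATCH = 1, 2   # accept states named in the summary above

def build_null_call(xid, program, version):
    """Null call (procedure 0) with empty AUTH_NONE credential and verifier."""
    # xid, CALL=0, rpcvers=2, program, version, proc=0, cred(0,0), verf(0,0)
    return struct.pack(">10I", xid, 0, 2, program, version, 0, 0, 0, 0, 0)

def classify_reply(data, xid):
    """Return (verdict, low, high); low/high are set only for a match."""
    if len(data) < 20:
        return ("malformed", None, None)
    rxid, msg_type, reply_stat, _flavor, verf_len = struct.unpack_from(">5I", data)
    if rxid != xid or msg_type != 1:          # not a REPLY to our call
        return ("malformed", None, None)
    if reply_stat != 0:                        # MSG_DENIED (auth or RPC version)
        return ("denied", None, None)
    off = 20 + ((verf_len + 3) & ~3)           # skip padded verifier body
    if len(data) < off + 4:
        return ("malformed", None, None)
    (accept_stat,) = struct.unpack_from(">I", data, off)
    if accept_stat == PROG_MISMATCH:           # right program, wrong version
        if len(data) < off + 12:
            return ("malformed", None, None)
        low, high = struct.unpack_from(">2I", data, off + 4)
        return ("match", low, high)
    if accept_stat == PROG_UNAVAIL:            # program not exported here
        return ("wrong-program", None, None)
    return ("unexpected", None, None)

# Constructed sample replies (not captured traffic); XID is arbitrary.
XID = 0x1234ABCD
SAMPLE_MATCH = struct.pack(">8I", XID, 1, 0, 0, 0, PROG_MISMATCH, 1, 1)
SAMPLE_UNAVAIL = struct.pack(">6I", XID, 1, 0, 0, 0, PROG_UNAVAIL)

if __name__ == "__main__":
    print(classify_reply(SAMPLE_MATCH, XID))
    print(classify_reply(SAMPLE_UNAVAIL, XID))
```

The low and high values returned for a match are the supported version range that a version-mismatch reply carries.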

Script Arguments

rpc-grind.threads

Number of grinding threads. Defaults to 4.

mount.version, nfs.version, rpc.protocol

See the documentation for the rpc library.

Example Usage

nmap -sV <target>
nmap --script rpc-grind <target>
nmap --script rpc-grind --script-args 'rpc-grind.threads=8' -p <targetport> <target>

Script Output

PORT      STATE SERVICE          VERSION
53344/udp open  walld (walld V1) 1 (RPC #100008)

Requires


Author: Hani Benhabiles

License: Same as Nmap--See http://nmap.org/book/man-legal.html
