Script `eppc-enum-processes`

Script types: portrule
Categories: discovery, safe
Download: https://svn.nmap.org/nmap/scripts/eppc-enum-processes.nse

Script Summary

Attempts to enumerate process info over the Apple Remote Event protocol. When accessing an application over the Apple Remote Event protocol the service responds with the uid and pid of the application, if it is running, prior to requesting authentication.

Example Usage

nmap -p 3031 <ip> --script eppc-enum-processes

Script Output

PORT     STATE SERVICE
3031/tcp open  eppc
| eppc-enum-processes:
| application       uid  pid
| Address Book      501  269
| Facetime          501  495
| Finder            501  274
| iPhoto            501  267
| Photo booth       501  471
| Remote Buddy      501  268
| Safari            501  270
| Terminal          501  266
| Transmission      501  265
|_VLC media player  501  367

Requires

nmap
shortport
stdnse
string
tab

Author:

Patrik Karlsson

License: Same as Nmap--See https://nmap.org/book/man-legal.html

Script eppc-enum-processes

Script Summary

Example Usage

Script Output

Requires

Script `eppc-enum-processes`