Script ip-https-discover

Script types: portrule
Categories: discovery, safe, default
Download: https://svn.nmap.org/nmap/scripts/ip-https-discover.nse

Script Summary

Checks if the IP over HTTPS (IP-HTTPS) Tunneling Protocol [1] is supported.

IP-HTTPS sends Teredo related IPv6 packets over an IPv4-based HTTPS session. This indicates that Microsoft DirectAccess [2], which allows remote clients to access intranet resources on a domain basis, is supported. Windows clients need Windows 7 Enterprise/Ultime or Windows 8.1 Enterprise/Ultimate. Servers need Windows Server 2008 (R2) or Windows Server 2012 (R2). Older versions of Windows and Windows Server are not supported.

[1] http://msdn.microsoft.com/en-us/library/dd358571.aspx [2] http://technet.microsoft.com/en-us/network/dd420463.aspx

Script Arguments

mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username

See the documentation for the mssql library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

smtp.domain

See the documentation for the smtp library.

randomseed, smbbasic, smbport, smbsign

See the documentation for the smb library.

tls.servername

See the documentation for the tls library.

Example Usage

nmap --script ip-https-discover

Script Output

443/tcp open  https
|_ip-https-discover: IP-HTTPS is supported. This indicates that this host supports Microsoft DirectAccess.

Requires

• comm
• string
• stdnse
• shortport
• sslcert

---

Author:

• Niklaus Schiess <nschiess@adversec.com>

License: Same as Nmap--See https://nmap.org/book/man-legal.html

portrule

portrule (host, port)

Parameters

host

 

port

 

Usage:

nmap --script ip-https-discover