Script `quake1-info`

Script types: portrule
Categories: default, discovery, safe, version
Download: https://svn.nmap.org/nmap/scripts/quake1-info.nse

Script Summary

Extracts information from Quake game servers and other game servers which use the same protocol.

Quake uses UDP packets, which because of source spoofing can be used to amplify a denial-of-service attack. For each request, the script reports the payload amplification as a ratio. The format used is response_bytes/request_bytes=ratio

http://www.gamers.org/dEngine/quake/QDP/qnp.html

Example Usage

nmap -n -sU -Pn --script quake1-info -pU:26000-26004 -- <target>

Script Output

PORT      STATE SERVICE
26000/udp open  quake
| quake1-info:
|   server info exchange payload amplification: 59/12=4.916667
|   listen address: 10.200.200.10:26000
|   server name: An anonymous Debian server
|   level name: dm1
|   players: 1/8
|   player table
|     player 1: fragmeister
|       player info exchange payload amplification: 49/6=8.166667
|       client address: 192.168.0.10:40430
|       connect time: 55587 secs
|       frags: -1
|       shirt: green3
|       pants: orange6
|_  protocol version: released (0x3)

Requires

Author:

Ulrik Haugen

License: Same as Nmap--See https://nmap.org/book/man-legal.html

action

action (host, port)

Nmap entry point.

Parameters

host
port

portrule

portrule (host, port)

Proceed with action on open/open|filtered udp ports in interval [26000, 26004] and whatever Quake is listed under in nmap-services.

Parameters

host
port

Script quake1-info

Script Summary

Example Usage

Script Output

Requires

action

Parameters

portrule

Parameters

Script `quake1-info`