The nmap-service-probes File
The keywords contained in the nmap-service-probes file are listed in Table 3-5.
Table 3-5. nmap-service-probes keywords
Keyword |
Format |
---|---|
Probe |
Probe <protocol> <probe name> <probe string> |
match |
match <service> <pattern> [version info] |
softmatch |
softmatch <service> <pattern> |
ports |
ports <portlist> |
sslports |
sslports <portlist> |
Totalwaitms |
totalwaitms <milliseconds> |
Probes
A probe entry consists of the values shown in Table 3-6.
Table 3-6. Probe values
Parameter |
Description |
---|---|
Protocol |
TCP or UDP. |
Probe name |
Name of the probe (human-readable). |
Probe string |
String starting with a |
Here are some example probe strings:
-
Probe TCP NULL q||
Send nothing, waiting the amount of time specified in
totalwaitms
.-
Probe TCP GenericLines q|\r\n\r\n|
Send carriage return, newline, carriage return, newline.
-
Probe UDP DNSStatusRequest q|\0\0\x10\0\0\0\0\0\0\0\0\0|
Send the binary string
0x00
0x00
0x10
0x00
0x00
0x00
0x00
0x00
0x00
0x00
0x00 0x00
.
Matches
A match entry consists of the values defined in Table 3-7.
Table 3-7. Match values
Parameter |
Description |
---|---|
Service |
Name of the service the pattern matches. |
Pattern |
A Perl-compatible regular expression to match the expected response
for this service. This is of the format
|
Version info |
A field ... |
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.