File db2-das-info

脚本使用类型: portrule
脚本所属分类: safe, discovery, version
脚本下载地址: http://nmap.org/svn/scripts/db2-das-info.nse

User Summary

Connects to the IBM DB2 Administration Server (DAS) on TCP or UDP port 523 and exports the server profile. No authentication is required for this request.

The script will also set the port product and version if a version scan is requested.

Example Usage

执行格式

nmap -sV <target>

Script Output

PORT    STATE SERVICE VERSION
523/tcp open  ibm-db2 IBM DB2 Database Server 9.07.0
| db2-das-info: DB2 Administration Server Settings
| ;DB2 Server Database Access Profile
| ;Use BINARY file transfer
| ;Comment lines start with a ";"
| ;Other lines must be one of the following two types:
| ;Type A: [section_name]
| ;Type B: keyword=value
|
| [File_Description]
| Application=DB2/LINUX 9.7.0
| Platform=18
| File_Content=DB2 Server Definitions
| File_Type=CommonServer
| File_Format_Version=1.0
| DB2System=MYBIGDATABASESERVER
| ServerType=DB2LINUX
|
| [adminst>dasusr1]
| NodeType=1
| DB2Comm=TCPIP
| Authentication=SERVER
| HostName=MYBIGDATABASESERVER
| PortNumber=523
| IpAddress=127.0.1.1
|
| [inst>db2inst1]
| NodeType=1
| DB2Comm=TCPIP
| Authentication=SERVER
| HostName=MYBIGDATABASESERVER
| ServiceName=db2c_db2inst1
| PortNumber=50000
| IpAddress=127.0.1.1
| QuietMode=No
| TMDatabase=1ST_CONN
|
| [db>db2inst1:TOOLSDB]
| DBAlias=TOOLSDB
| DBName=TOOLSDB
| Drive=/home/db2inst1
| Dir_entry_type=INDIRECT
|_Authentication=NOTSPEC

Requires

• bin
• nmap
• shortport
• stdnse
• string

Author: Patrik Karlsson, Tom Sellers

License: VER007 整理 http://www.ver007.com

portrule

portrule (host, port)

Research Notes:

Little documentation on the protocol used to communicate with the IBM DB2 Admin Server service exists. The packets and methods here were developed based on data captured in the wild. Interviews with knowledgeable individuals indicates that the following information can be used to recreate the traffic.

Requirements: IBM DB2 Administrative Server (DAS) version >= 7.x instance, typically on port 523 tcp or udp IBM DB2 Control Center (Java application, workings on Linux, Windows, etc)

Steps to reproduce: Ensure network connectivity from test host to DB2 DAS instance on 523 In the Control Center, right click on All Systems and click Add Enter the DB2 server IP or hostname in the System Name field and click OK Start packet capture Under All Systems right click on your DB2 server, choose export profile, enter file location, click OK Stop packet capture

Details on how to reproduce these steps with the CLI are welcome.

Parameters

• host:
• port: