rpc-grind
Script type: portrule
Script categories: version
Script download URL: http://nmap.org/svn/scripts/rpc-grind.nse
Fingerprints the target RPC port to extract the target service, RPC number and version.
The script works by sending RPC Null call requests carrying a random, high, unsupported version number to the target service, iterating over the RPC program numbers from the nmap-rpc file, and checking for replies from the target port. A reply with RPC accept state 2 (remote can't support version) means that the request carried the matching program number, and the script proceeds to extract the supported versions. A reply with RPC accept state 1 (remote hasn't exported program) means that the request carried an incorrect program number. Any other accept state is incorrect behaviour.
rpc-grind.threads: Number of grinding threads. Defaults to 4.
Usage
nmap -sV <target>
nmap --script rpc-grind <target>
nmap --script rpc-grind --script-args 'rpc-grind.threads=8' -p <targetport> <target>

PORT      STATE SERVICE          VERSION
53344/udp open  walld (walld V1) 1 (RPC #100008)
Author: Hani Benhabiles
License: Compiled by VER007 http://www.ver007.com