����JFIF��� ( %"1"%)+...383,7(-.- 404 Not Found
Sh3ll
OdayForums


Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /usr/share/nmap/scripts/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //usr/share/nmap/scripts/broadcast-xdmcp-discover.nse
local os = require "os"
local stdnse = require "stdnse"
local table = require "table"
local xdmcp = require "xdmcp"

description = [[
Discovers servers running the X Display Manager Control Protocol (XDMCP) by
sending a XDMCP broadcast request to the LAN. Display managers allowing access
are marked using the keyword Willing in the result.
]]

---
-- @usage
-- nmap --script broadcast-xdmcp-discover
--
-- @output
-- Pre-scan script results:
-- | broadcast-xdmcp-discover: 
-- |_  192.168.2.162 - Willing
--
-- @args broadcast-xdmcp-discover.timeout socket timeout (default: 5s)

author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"broadcast", "safe"}


prerule = function() return true end

local arg_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))

action = function()

	local host, port = { ip = "255.255.255.255" }, { number = 177, protocol = "udp" }
	local options = { timeout = 1 }	
	local helper = xdmcp.Helper:new(host, port, options)
	local status = helper:connect()
	
	local req = xdmcp.Packet[xdmcp.OpCode.BCAST_QUERY]:new(nil)
	local status, err = helper:send(req)
	if ( not(status) ) then
		return false, err
	end
	
	local timeout = arg_timeout or 5
	local start = os.time()
	local result = {}
	repeat

		local status, response = helper:recv()
		if ( not(status) and response ~= "TIMEOUT" ) then
			break
		elseif ( status ) then
			local status, _, _, rhost = helper.socket:get_info()
			if ( response.header.opcode == xdmcp.OpCode.WILLING ) then
				result[rhost] = true
			else
				result[rhost] = false
			end
		end
		
	until( os.time() - start > timeout )

	local output = {}
	for ip, res in pairs(result) do
		if ( res ) then
			table.insert(output, ("%s - Willing"):format(ip))
		else
			table.insert(output, ("%s - Unwilling"):format(ip))
		end
	end
	return stdnse.format_output(true, output)
end

ZeroDay Forums Mini