Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /usr/share/nmap/scripts/ |
local nmap = require "nmap"
local shortport = require "shortport"
local sip = require "sip"
local stdnse = require "stdnse"
local table = require "table"
description = [[
Enumerates a SIP Server's allowed methods (INVITE, OPTIONS, SUBSCRIBE, etc.)
The script works by sending an OPTION request to the server and checking for
the value of the Allow header in the response.
]]
---
-- @usage
-- nmap --script=sip-methods -sU -p 5060 <targets>
--
--@output
-- 5060/udp open sip
-- | sip-methods:
-- |_ INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO
author = "Hani Benhabiles"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"default", "safe", "discovery"}
portrule = shortport.port_or_service(5060, "sip", {"tcp", "udp"})
action = function(host, port)
local status, session, response
session = sip.Session:new(host, port)
status = session:connect()
if not status then
return "ERROR: Failed to connect to the SIP server."
end
status, response = session:options()
if status then
-- If port state not set to open, set it to open.
if nmap.get_port_state(host, port) ~= "open" then
nmap.set_port_state(host, port, "open")
end
-- Check if allow header exists in response
local allow = response:getHeader("allow")
if allow then
return stdnse.format_output(true, allow)
end
end
end