CHips L MINI SHELL

CHips L pro

Current Path : /usr/share/nmap/scripts/
Upload File :
Current File : //usr/share/nmap/scripts/wsdd-discover.nse

description = [[ 
Retrieves and displays information from devices supporting the Web
Services Dynamic Discovery (WS-Discovery) protocol. It also attempts
to locate any published Windows Communication Framework (WCF) web
services (.NET 4.0 or later).
]]

---
-- @usage
-- sudo ./nmap --script broadcast-wsdd-discover 
--
-- @output
-- PORT     STATE         SERVICE
-- 3702/udp open|filtered unknown
-- | wsdd-discover: 
-- |   Devices
-- |     Message id: 39a2b7f2-fdbd-690c-c7c9-deadbeefceb3
-- |     Address: http://10.0.200.116:50000
-- |_    Type: Device wprt:PrintDeviceType
--
-- 

--
-- Version 0.1
-- Created 10/31/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>

author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"safe", "discovery", "default"}

require 'shortport'
require 'wsdd'

portrule = shortport.portnumber(3702, "udp", {"open", "open|filtered"})

-- function used for running several discovery threads in parallell
--
-- @param funcname string containing the name of the function to run
--        the name should be one of the discovery functions in wsdd.Helper
-- @param result table into which the results are stored
discoverThread = function( funcname, host, port, results )
	-- calculates a timeout based on the timing template (default: 5s)
	local timeout = ( 20000 / ( nmap.timing_level() + 1 ) )
	local condvar = nmap.condvar( results )
	local helper = wsdd.Helper:new(host, port)
	helper:setTimeout(timeout)
	
	local func = loadstring( "return helper:" .. funcname .. "()" )
	setfenv(func, setmetatable({ helper=helper; }, {__index = _G}))
	
	if ( func ) then
		local status, result = func()
		if ( status ) then table.insert(results, result) end
	else
		stdnse.print_debug("ERROR: Failed to call function: %s", funcname)
	end
	condvar("broadcast")
end

local function sortfunc(a,b)
	if ( a and b and a.name and b.name ) and ( a.name < b.name ) then
		return true
	end
	return false
end

action = function(host, port)

	local threads, results = {}, {}
	local condvar = nmap.condvar( results )
	
	-- Attempt to discover both devices and WCF web services
	for _, f in ipairs( {"discoverDevices", "discoverWCFServices"} ) do
		threads[stdnse.new_thread( discoverThread, f, host, port, results )] = true
	end
	
	local done
	-- wait for all threads to finish
	while( not(done) ) do
		condvar("wait")
		done = true
		for thread in pairs(threads) do
			if (coroutine.status(thread) ~= "dead") then done = false end
		end
	end

	if ( results ) then
		table.sort( results, sortfunc )
		return stdnse.format_output(true, results)
	end
end

Copyright 2K16 - 2K18 Indonesian Hacker Rulez