Nmap Developmentmailing list archives
version check in nfs-ls?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 8 Apr 2011 14:24:50 -0500
Hey list,Ran across an issue with nfs-ls while scanning my HP printer (I wassurprised to see that it had NFS on it!). Here's what I was seeing:$ sudo nmap --script rpcinfo -p 111,2049 -sU 192.168.1.X
Starting Nmap 5.51SVN (http://nmap.org ) at 2011-04-08 14:12 CDTNmap scan report for 192.168.1.XHost is up (0.00092s latency).PORT STATE SERVICE111/udp open rpcbind| rpcinfo:| program version port/proto service| 100000 2,2,3,3 34861/udp rpcbind| 100000 2,3 34861/112 rpcbind| 100003 2 2049/112 nfs| 100003 2 2049/udp nfs| 100005 1 34862/112 mountd|_ 100005 1 34862/udp mountd2049/udp open nfsMAC Address: 00:17:08:XX:XX:XX (Hewlett Packard)Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds$ sudo nmap --script nfs-ls -p 111,2049 -sU 192.168.1.XStarting Nmap 5.51SVN (http://nmap.org ) at 2011-04-08 14:07 CDTNmap scan report for 192.168.1.XHost is up (0.0027s latency).PORT STATE SERVICE111/udp open rpcbind| nfs-ls:| Arguments:| maxfiles: 10 (file listing output limited)|| NFS Export /hpmnt/dsk_ram0|_ ERROR: versions mismatch, nfs v2 - mount v12049/udp open nfsMAC Address: 00:17:08:XX:XX:XX (Hewlett Packard)Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds
I'm not sure why this version discrepancy matters. I found the check innfs-ls.nse:
-- use simple chack since NFSv1 is not used anymore. if (mnt_comm.version ~= nfs_comm.version) then rpc.Helper.UnmountPath(mnt_comm, mount) return false, string.format("versions mismatch, nfs v%d - mount v%d", nfs_comm.version, mnt_comm.version) endCommenting out this block allows the script to continue, producing thisoutput:
$ sudo nmap --script nfs-ls -p 111,2049 -sU 192.168.1.XStarting Nmap 5.51SVN (http://nmap.org ) at 2011-04-08 14:14 CDTNmap scan report for 192.168.1.XHost is up (0.0019s latency).PORT STATE SERVICE111/udp open rpcbind| nfs-ls:| Arguments:| maxfiles: 10 (file listing output limited)|| NFS Export: /hpmnt/dsk_ram0| PERMISSION UID GID SIZE MODIFICATION TIME FILENAME| drwxrwxrwx 0 0 512 2011-04-08 10:44 /hpmnt/dsk_ram0| drwxrwxrwx 0 0 512 2011-04-08 10:44 PJL| drwxrwxrwx 0 0 512 2011-04-08 10:44 PostScript| drwxrwx--- 0 0 512 2011-04-08 10:44 saveDevice|_ drwxrwxrwx 7 0 512 2011-04-08 10:44 webServer2049/udp open nfsMAC Address: 00:17:08:XX:XX:XX (Hewlett Packard)Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
Anyone able to shed light on this? In what cases is this check necessary?Possibly related: I have been unable to mount the directory with mount.nfs.Dan_______________________________________________Sent through the nmap-dev mailing listhttp://cgi.insecure.org/mailman/listinfo/nmap-devArchived athttp://seclists.org/nmap-dev/
Current thread:
- version check in nfs-ls?Daniel Miller (Apr 08)
- Re: version check in nfs-ls?Daniel Miller (Apr 08)
- Re: version check in nfs-ls?Djalal Harouni (Apr 13)
- Re: version check in nfs-ls?Djalal Harouni (Apr 13)
- Re: version check in nfs-ls?Djalal Harouni (Apr 23)
- Re: version check in nfs-ls?Daniel Miller (Apr 25)