Skip to content

Instantly share code, notes, and snippets.

@steeve85

steeve85/nmap_probes

Created June 9, 2012 21:32
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save steeve85/2902651 to your computer and use it in GitHub Desktop.
Save steeve85/2902651 to your computer and use it in GitHub Desktop.
Download ZIP
Nmap probes examples
Raw
nmap_probes
match backdoor m|^PWD$| p/Subseven backdoor/ i/**BACKDOOR**/ o/Windows/
match asterisk m|^Asterisk Call Manager/([\d.]+)\r\n| p/Asterisk Call Manager/ v/$1/
match quake3 m|^\xff\xff\xff\xffdisconnect$| p/Quake 3 dedicated server/
Probe TCP mydoom q|\x0d\x0d|
rarity 9
ports 706,3127-3198
match mydoom m|\x04\x5b\0\0\0\0\0\0| p/MyDoom virus backdoor/ v/v012604/
# Windows 2003
match ftp m/^220[ -]Microsoft FTP Service\r\n/ p/Microsoft ftpd/ o/Windows/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment