Nmap Development mailing list archives
Re: [NSE] SSL Heartbleed
From: "Whyte, Jesse" <Jesse.Whyte () carefirst com>
Date: Wed, 9 Apr 2014 21:44:48 +0000
-d for extra debugging info Jesse Whyte, CISSP GCIH Lead CyberSecurity Specalist CareFirst BlueCross BlueShield 10455 Mill Run Circle Owings Mills, MD 21117 (410) 998-5091 (desk) (443) 831-5571 (cell) Jesse.whyte () carefirst com On 4/9/14, 5:43 PM, "Jasey DePriest" <jrdepriest () gmail com> wrote:
I've been trying to run these scripts all day and none of them produce any results at all on my system. I run $ sudo nmap --script-updatedb $ sudo nmap -v -p 443 --script ssl-heartbleed {some IP} But my results look like PORT STATE SERVICE 443/tcp open https With no further information. Other scripts run fine if I enable them. If I do a script-trace it sure *looks* like it's running properly. Any ideas? Thanks. Jasey On Wed, Apr 9, 2014 at 10:53 AM, Dane Goodwin <dane () sensepost com> wrote:Hi All I've patched the nse that was released earlier to better handle the TLS version supported by the server. I've also fixed an unhandled error that was thrown in the portrule function when the script was run against something other than SSL. It now fails silently when you run it against port 80. _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
******************************************************************************* Unauthorized interception of this communication could be a violation of Federal and State Law. This communication and any files transmitted with it are confidential and may contain protected health information. This communication is solely for the use of the person or entity to whom it was addressed. If you are not the intended recipient, any use, distribution, printing or acting in reliance on the contents of this message is strictly prohibited. If you have received this message in error, please notify the sender and destroy any and all copies. Thank you.. ******************************************************************************* _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] SSL Heartbleed, (continued)
- Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 08)
- Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 08)
- Re: [NSE] SSL Heartbleed John (Apr 09)
- Re: [NSE] SSL Heartbleed Alan Jones (Apr 09)
- Re: [NSE] SSL Heartbleed Gisle Vanem (Apr 09)
- Re: [NSE] SSL Heartbleed Daniel Miller (Apr 09)
- Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 09)
- Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- Re: [NSE] SSL Heartbleed Whyte, Jesse (Apr 09)
- Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- Re: [NSE] SSL Heartbleed John Bond (Apr 11)
- Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 12)
- Re: Re: [NSE] SSL Heartbleed Andrew Klaus (Apr 12)
- RE: Re: [NSE] SSL Heartbleed HD Moore (Apr 14)
- Re: [NSE] SSL Heartbleed Daniel Miller (Apr 14)