I have a very specific problem that needs addressing regarding writing an NSE script for Nmap. Basically here is what I want the script to do:
- Connect to a host and check for a supplied open port: E.G. 18000.
- If the port is open: Connect to the host via the open port and send the following command to the host: "hello\n". Note: the "\n" is important in the command.
- If the output of the sent command begins with the string "SeedLink", the response should be printed out, if not the response should be silenced.
Here is what I have tried so far:
-- HEAD --
description = [[
This is a simple script example that determines if a port has a seedlink server running.
]]
author = "Me"
-- RULE --
portrule = function(host, port)
return port.protocol == "tcp"
and port.state == "open"
end
-- ACTION --
action = function(host, port)
local sock = nmap.new_socket()
local status, err = sock:connect(host, port)
if not status then
return "Failed to connect"
end
local data = "hello\n"
status, err = sock:send(data)
if not status then
return "Failed to send data"
end
local response = sock:receive()
if string.sub(response, 1, 8) == "SeedLink" then
return "Seedlink server is running"
else
return "SeedLink server is not running."
end
end
I use the following command to run the script:
nmap --script=seedlink.nse localhost -p 18000
The expected output would bee:
SeedLink v3.3 (2022.096) EQM
This script works, but it tells me that there is no Seedlink server running, although I can verify that there is one by running:
telnet localhost:18000