Tag Archives: citrix

Nmap 5.10-BETA2

Nmap 5.10-BETA2 was released by Fyodor as a X-mas present the other day. I was pleased to see that almost all of my scripts made it into this version. The remaining one, oracle-sid-brute, made it into SVN just a few minutes ago 🙂

For the full changelog of Nmap 5.10-BETA2 have a look here.

Nmap Citrix script updated

So, my friend Ian Vitek enlightened me again. Apparently when the published application list is long it’s split up into multiple packets and the client needs to keep reading them until the magic byte at offset 31 is toggled to 1.

I have adjusted my script so that it checks for this and prints a complete list of published applications, instead of just the first packets. The script can be downloaded from here.

For more information on how to get it running, check my earlier posts or post a comment to the article.
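
The read-until-flag loop described above, as an added example in plain Lua (this is not the code from my script). It assumes "offset 31" is zero-based, and the names read_all_fragments, fake_packet, replay and the 64-packet cap are hypothetical; the sample packets are constructed filler, not real Citrix replies.

```lua
-- Assumption: "offset 31" is zero-based, so the flag is the 32nd byte (Lua index 32).
local FLAG_INDEX = 32
-- Hypothetical cap: a peer that never sets the flag must not stall the scan.
local MAX_PACKETS = 64

-- recv() returns (true, data) or (false, err), the (status, data) shape of an NSE
-- socket receive. Returns the packets collected so far plus nil or an error string.
local function read_all_fragments(recv, max_packets)
  max_packets = max_packets or MAX_PACKETS
  local packets = {}
  for _ = 1, max_packets do
    local ok, data = recv()
    if not ok then
      return packets, "receive failed: " .. tostring(data)
    end
    if #data < FLAG_INDEX then
      return packets, "short packet (" .. #data .. " bytes): no flag byte"
    end
    packets[#packets + 1] = data
    if data:byte(FLAG_INDEX) == 1 then
      return packets, nil -- final fragment seen, list is complete
    end
  end
  return packets, "flag never set within " .. max_packets .. " packets"
end

-- Constructed sample data: 31 filler bytes, the flag byte, then a dummy payload.
local function fake_packet(flag, payload)
  return string.rep("\0", 31) .. string.char(flag) .. payload
end

-- Replays a fixed list of packets, then reports a timeout.
local function replay(queue)
  local i = 0
  return function()
    i = i + 1
    if queue[i] then return true, queue[i] end
    return false, "TIMEOUT"
  end
end

local full = { fake_packet(0, "a"), fake_packet(0, "b"), fake_packet(1, "c") }
local pkts, err = read_all_fragments(replay(full))
print("complete reply:", #pkts, err)

local cut = { fake_packet(0, "a") } -- reply whose last fragments were lost
pkts, err = read_all_fragments(replay(cut))
print("truncated reply:", #pkts, err)
```

When the error value is non-nil the list is only partial and should be reported as such, since UDP fragments can be lost in transit.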

Two more nmap scripts

Lua turned out to be quite entertaining, so I have spent some time coding some more scripts for Nmap. The first script I finished was nfs-showmount.nse, which can be used to query a remote server for any NFS shares:

Interesting ports on yoda.localdomain (192.168.56.50):
PORT    STATE SERVICE
111/tcp open  rpcbind

Host script results:
|  nfs-showmount:
|  /home/storage/backup 192.168.56.0/255.255.255.0 192.168.56.66/255.255.255.255
|_ /home 192.168.56.0/255.255.255.0

The next one, citrix-published-applications, queries a Citrix server for any published applications:

Starting Nmap 5.00 ( http://nmap.org ) at 2009-11-24 22:09 CET
Interesting ports on 192.168.56.5:
PORT     STATE SERVICE
1604/udp open  unknown
|  citrix-published-applications:
|  Notepad
|  iexplorer
|_ registry editor