nmap-services

2024-04-03
Nmap Service Resolution

There are two files we are interested in.

  • nmap-services: a list of well known services by port

  • nmap-service-probes: matching rules for detecting service by response

The default service to port mapping in Python socket module is incomplete.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# find that with mlocate
# file_path = '/usr/share/nmap/nmap-services'
file_path = "./nmap-services"
with open(file_path, 'r') as f:
line_list = f.read().split('\n')
for line in line_list:
if line.startswith("#"):
# it is a comment
continue
else:
# process this line
content = line.split('#')[0].strip() # strip away comments
components = content.split(" ")
# must be three.
assert len(components) == 3, f"abnormal component count for content: '{content}'"

Read More