diff options
Diffstat (limited to 'scripts/freelancer-info.nse')
-rw-r--r-- | scripts/freelancer-info.nse | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/scripts/freelancer-info.nse b/scripts/freelancer-info.nse new file mode 100644 index 0000000..2a30d18 --- /dev/null +++ b/scripts/freelancer-info.nse @@ -0,0 +1,107 @@ +local comm = require "comm" +local nmap = require "nmap" +local shortport = require "shortport" +local string = require "string" +local stdnse = require "stdnse" + +description = [[ +Detects the Freelancer game server (FLServer.exe) service by sending a +status query UDP probe. + +When run as a version detection script (<code>-sV</code>), the script +will report on the server name, current number of players, maximum +number of players, and whether it has a password set. When run +explicitly (<code>--script freelancer-info</code>), the script will +additionally report on the server description, whether players can harm +other players, and whether new players are allowed. + +See http://sourceforge.net/projects/gameq/ +(relevant files: games.ini, packets.ini, freelancer.php) +]] + +--- +-- @usage +-- nmap -sU -sV -p 2302 <target> +-- nmap -sU -p 2302 --script=freelancer-info <target> +-- @output +-- PORT STATE SERVICE REASON VERSION +-- 2302/udp open freelancer udp-response Freelancer (name: Discovery Freelancer RP 24/7; players: 152/225; password: no) +-- | freelancer-info: +-- | server name: Discovery Freelancer RP 24/7 +-- | server description: This is the official discovery freelancer RP server. To know more about the server, please visit www.discoverygc.com +-- | players: 152 +-- | max. players: 225 +-- | password: no +-- | allow players to harm other players: yes +-- |_ allow new players: yes +-- +-- @xmloutput +-- <elem key="server name">Discovery Freelancer RP 24/7</elem> +-- <elem key="server description">This is the official discovery freelancer RP server. To know more about the server, please visit www.discoverygc.com</elem> +-- <elem key="players">152</elem> +-- <elem key="max. players">225</elem> +-- <elem key="password">no</elem> +-- <elem key="allow players to harm other players">yes</elem> +-- <elem key="allow new players">yes</elem> + +author = "Marin Maržić" +license = "Same as Nmap--See https://nmap.org/book/man-legal.html" +categories = { "default", "discovery", "safe", "version" } + +portrule = shortport.version_port_or_service({2302}, "freelancer", "udp") + +action = function(host, port) + local status, data = comm.exchange(host, port, + "\x00\x02\xf1\x26\x01\x26\xf0\x90\xa6\xf0\x26\x57\x4e\xac\xa0\xec\xf8\x68\xe4\x8d\x21", + { timeout = 3000 }) + if not status then + return + end + + -- port is open + nmap.set_port_state(host, port, "open") + + local passwordbyte, maxplayers, numplayers, name, pvpallow, newplayersallow, description = + string.match(data, "^\x00\x03\xf1\x26............(.)...(.)...(.)...................................................................(.*)\0\0(.):(.):.*:.*:.*:(.*)\0\0$") + if not passwordbyte then + return + end + + local o = stdnse.output_table() + + o["server name"] = string.gsub(name, "[^%g%s]", "") + o["server description"] = string.gsub(description, "[^%g%s]", "") + o["players"] = numplayers:byte(1) - 1 + o["max. players"] = maxplayers:byte(1) - 1 + + passwordbyte = passwordbyte:byte(1) + if passwordbyte & 128 ~= 0 then + o["password"] = "yes" + else + o["password"] = "no" + end + + o["allow players to harm other players"] = "n/a" + if pvpallow == "1" then + o["allow players to harm other players"] = "yes" + elseif pvpallow == "0" then + o["allow players to harm other players"] = "no" + end + + o["allow new players"] = "n/a" + if newplayersallow == "1" then + o["allow new players"] = "yes" + elseif newplayersallow == "0" then + o["allow new players"] = "no" + end + + port.version.name = "freelancer" + port.version.name_confidence = 10 + port.version.product = "Freelancer" + port.version.extrainfo = "name: " .. o["server name"] .. "; players: " .. + o["players"] .. "/" .. o["max. players"] .. "; password: " .. o["password"] + + nmap.set_port_version(host, port, "hardmatched") + + return o +end |