Hi, On 08.07.2017 08:54, Gergely Molnar wrote: > Hi, > I'm testing openvas8 on Raspberry Pi for a small project. In one of the > first successful scans I've stumbled upon a request from you guys to report > if... > > Unknown banners have been collected which might help to identify the OS > running ! > on this host. If these banners containing information about the host OS > please r! > eport the following information to openvas-plugins@wald.intevation.org: > Banner: Server: AirTunes/220.68 > Identified from: HTTP Server banner on port 5000/tcp > Banner: Server: AirTunes/220.68 > Identified from: HTTP Server banner on port 7000/tcp > > Log Method: > Details: > OS Detection Consolidation and Reporting > (OID: 1.3.6.1.4.1.25623.1.0.105937) > Version used: $Revision: 6356 $ > > This device is an *AppleTV* thingy. I'm not sure about the version, can > find it out if relevant.
thanks for your report. I have added this banner to the following NVT: HTTP OS Identification (OID: 1.3.6.1.4.1.25623.1.0.111067) Once the revision r6802 of this NVT reached the Feed an AppleTV is detected accordingly. The version of the AppleTV itself is not needed in this case. There are two dedicated NVTs doing this job: Apple TV Detection (OID: 1.3.6.1.4.1.25623.1.0.105899) Apple TV Version Detection (OID: 1.3.6.1.4.1.25623.1.0.140000) > Best, > Gergely M Thanks again, > See the complete report section below: > > Host 192.168.1.111 > ****************** > > Scanning of this host started at: Fri Jul 7 22:16:45 2017 UTC > Number of results: 9 > > Port Summary for Host 192.168.1.111 > ----------------------------------- > > Service (Port) Threat Level > general/tcp Log > 80/tcp (IANA: www-http) Log > 7000/tcp (IANA: afs3-fileserver)Log > general/tcp Log > 7100/tcp (IANA: font-service)Log > general/tcp Log > general/tcp Log > 80/tcp (IANA: www-http) Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > 53/tcp (IANA: domain) Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > 3689/tcp (IANA: daap) Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > 62078/tcp Log > general/tcp Log > 5000/tcp (IANA: commplex-main)Log > general/tcp Log > general/tcp Log > 443/tcp (IANA: https) Log > 5555/tcp (IANA: personal-agent)Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > general/tcp Log > > Security Issues for Host 192.168.1.111 > -------------------------------------- > > Issue > ----- > NVT: OS Detection Consolidation and Reporting > OID: 1.3.6.1.4.1.25623.1.0.105937 > Threat: Log (CVSS: 0.0) > Port: general/tcp > > Summary: > This script consolidates the OS information detected by several NVTs and > tries t! > o find the best matching OS. > Furthermore it reports all previously collected information leading to > this be! > st matching OS. It also reports possible additional informations > which might help to improve the OS detection. > If any of this information is wrong or could be improved please consider > to re! > port these to openvas-plugins@wald.intevation.org. > > Vulnerability Detection Result: > Best matching OS: > OS: Apple Mac OS X 10.7.0 (Lion) - 10.9.2 (Mavericks) or iOS 4.1 - 7.1 > (Darwin 1! > 0.0.0 - 14.0.0) > CPE: cpe:/o:apple:iphone_os:6 > Found by NVT: 1.3.6.1.4.1.25623.1.0.108021 (Nmap OS Identification (NASL > wrapper! > )) > Concluded from Nmap TCP/IP fingerprinting: > OS details: Apple Mac OS X 10.7.0 (Lion) - 10.9.2 (Mavericks) or iOS 4.1 - > 7.1 (! > Darwin 10.0.0 - 14.0.0) > OS CPE: cpe:/o:apple:mac_os_x:10.7 cpe:/o:apple:mac_os_x:10.9 > cpe:/o:apple:mac_o! > s_x:10.8 cpe:/o:apple:iphone_os:4 cpe:/a:apple:apple_tv:4 > cpe:/o:apple:iphone_os! > :5 cpe:/o:apple:iphone_os:6 > Setting key "Host/runs_unknown" based on this information > Other OS detections (in order of reliability): > OS: FreeBSD > CPE: cpe:/o:freebsd:freebsd > Found by NVT: 1.3.6.1.4.1.25623.1.0.102002 (ICMP based OS Fingerprinting) > Concluded from ICMP based OS fingerprint: > (85% confidence) > FreeBSD > Apple Mac OS X > OS: Apple Mac OS X > CPE: cpe:/o:apple:mac_os_x > Found by NVT: 1.3.6.1.4.1.25623.1.0.102002 (ICMP based OS Fingerprinting) > Concluded from ICMP based OS fingerprint: > (85% confidence) > FreeBSD > Apple Mac OS X > Unknown banners have been collected which might help to identify the OS > running ! > on this host. If these banners containing information about the host OS > please r! > eport the following information to openvas-plugins@wald.intevation.org: > Banner: Server: AirTunes/220.68 > Identified from: HTTP Server banner on port 5000/tcp > Banner: Server: AirTunes/220.68 > Identified from: HTTP Server banner on port 7000/tcp > > Log Method: > Details: > OS Detection Consolidation and Reporting > (OID: 1.3.6.1.4.1.25623.1.0.105937) > Version used: $Revision: 6356 $ -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone Networks GmbH | http://greenbone.net Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list Openvas-plugins@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
