4elta / recon

automate the boring stuff!
GNU General Public License v3.0

Add new scans #56

Closed ikstream closed 1 year ago

ikstream commented 1 year ago

Add (additional) scans for

ikstream commented 1 year ago

Done

4elta commented 1 year ago

thanks for updating the info on how to install rpctools.

i don't have any experience with that tool yet. could you please explain the advantages/differences to rpcinfo or the Nmap scripts (msrpc-enum, rpc-grind, rpcinfo)?

ikstream commented 1 year ago

The most important part is that it simply dumps all publicly available NFS shares and the hosts that can access them. The other tools and scripts didn't provide that info for me so far.

4elta commented 1 year ago

the ZIP archive on the page you linked to (i.e. https://packetstormsecurity.com/files/31879/rpctools-1.0.zip.html) does not contain the Python script referenced in scans.toml. how did you install this script (i.e. rpcdump.py)?

regarding NFS: didn't the Nmap scripts (nfs*) show this information? the command can be found in the [nfs] group of scans.toml.

ikstream commented 1 year ago

> regarding NFS: didn't the Nmap scripts (nfs*) show this information? the command can be found in the [nfs] group of scans.toml.

As I said before, none of the other tools provided that information to me.

4elta commented 1 year ago

do we have to look into this issue (i.e. the Nmap nfs* scripts not showing any results) or have you found an explanation or a solution for it?

ikstream commented 1 year ago

I don't have a solution or even a hint yet. I will try to look into it again next week, but I am not very confident of finding a solution. Compared to nmap, showmount provided the mount points reliably. The rpcdump (sorry for the confusion) provides additional information beyond the output of nmap.
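Added example, not part of the thread or of the recon project's code: a sketch of how the output of `showmount -e` (the export list with the hosts allowed to mount each share, as discussed above) could be parsed to flag exports that have no client restriction. It assumes the usual layout of a header line followed by one `path clients` line per export; the sample output is constructed and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `showmount -e` output (not taken from the thread).
SAMPLE = """\
Export list for 192.0.2.10:
/srv/nfs/home    192.0.2.0/24,198.51.100.7
/srv/nfs/public  *
/export/scratch  (everyone)
/srv/nfs/backup  backup01.example.test
"""

# Entries that mean "any host"; the exact marker differs between implementations.
OPEN_MARKERS = {"*", "(everyone)"}


def parse_exports(text):
    """Return {export_path: [client, ...]} from `showmount -e` output."""
    exports = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.lower().startswith("export list for"):
            continue  # skip blank lines and the header
        # The last whitespace-separated field is the comma-separated client
        # list; a line without a client column yields an empty list.
        parts = line.rsplit(None, 1)
        clients = parts[1].split(",") if len(parts) == 2 else []
        exports[parts[0]] = clients
    return exports


def is_unrestricted(client):
    """True if a single client entry admits any host."""
    if client in OPEN_MARKERS:
        return True
    try:
        # A /0 network (e.g. 0.0.0.0/0) covers every address.
        return ipaddress.ip_network(client, strict=False).prefixlen == 0
    except ValueError:
        return False  # hostname, wildcard domain or netgroup: limited to that name


def world_accessible(exports):
    """Sorted export paths with at least one unrestricted client entry."""
    return sorted(path for path, clients in exports.items()
                  if any(is_unrestricted(c) for c in clients))


if __name__ == "__main__":
    for path in world_accessible(parse_exports(SAMPLE)):
        print(f"review export without client restriction: {path}")
```
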