local bin       = require('bin')
local nmap      = require('nmap')
local shortport = require('shortport')
local stdnse    = require('stdnse')
local tab       = require('tab')

-- NSE reads this global as the script's human-readable summary.
-- Security relevance, per the text below: the uid/pid pair is returned before
-- the service asks for authentication, so the information is available to
-- any client that can reach the port.
description = [[
Attempts to enumerate process info over the Apple Remote Event protocol.
When accessing an application over the Apple Remote Event protocol the
service responds with the uid and pid of the application, if it is running,
prior to requesting authentication.
]]

---
-- @usage
-- nmap -p 3031 <ip> --script eppc-enum-processes
--
-- @output
-- PORT     STATE SERVICE
-- 3031/tcp open  eppc
-- | eppc-enum-processes:
-- | application       uid  pid
-- | Address Book      501  269
-- | Facetime          501  495
-- | Finder            501  274
-- | iPhoto            501  267
-- | Photo booth       501  471
-- | Remote Buddy      501  268
-- | Safari            501  270
-- | Terminal          501  266
-- | Transmission      501  265
-- |_VLC media player  501  367
--

-- Script metadata globals read by the NSE engine.
author = "Patrik Karlsson"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
-- "discovery" and "safe" are the categories this script is selected under.
categories = {"discovery", "safe"}

-- Run only against an open TCP port that is either number 3031 or was
-- identified as the "eppc" service.
portrule = shortport.port_or_service(3031, "eppc", "tcp", "open")

--- Probes the service once per candidate application name and tabulates the
-- uid/pid pairs found in the replies.
-- A fresh connection is opened and closed for every candidate name.
-- @param host NSE host table for the target.
-- @param port NSE port table for the port matched by the portrule.
-- @return string A newline followed by the dumped results table: the header
--   row plus one row per application whose reply contained "uid=..&pid=..".
action = function( host, port )

  -- Fixed list of application names to ask about; each may or may not be
  -- running on the target.
  local candidates = {
    "Address Book",
    "App Store",
    "Facetime",
    "Finder",
    "Firefox",
    "Google Chrome",
    "iChat",
    "iPhoto",
    "Keychain Access",
    "iTunes",
    "Photo booth",
    "QuickTime Player",
    "Remote Buddy",
    "Safari",
    "Spotify",
    "Terminal",
    "TextMate",
    "Transmission",
    "VLC",
    "VLC media player",
  }

  -- First packet sent on every connection; identical for all candidates.
  local hello = "PPCT\0\0\0\1\0\0\0\1"

  local sock = nmap.new_socket()
  sock:set_timeout(5000)

  -- Catch handler for try(): log and release the socket. Any failed
  -- connect/send/receive/close therefore aborts the whole script run.
  local function on_failure()
    stdnse.debug1("failed")
    sock:close()
  end
  local try = nmap.new_try(on_failure)

  local results = tab.new(3)
  tab.addrow( results, "application", "uid", "pid" )

  for i = 1, #candidates do
    local name = candidates[i]

    try( sock:connect(host, port, "tcp") )

    -- The author found no packet specification, so the request is built
    -- from fixed hex bytes around the application name.
    -- NOTE(review): 225 + #name is packed with format "C" (one byte); every
    -- name in the list above is short enough, but a name longer than 30
    -- bytes would push the value past 255 - confirm before extending it.
    local request = bin.pack("HCpH", "e44c50525401e101", 225 + #name, name,
      "dfdbe302013ddfdfdfdfd500")

    -- The reply to the first packet is read and discarded; only the reply
    -- to the request is inspected.
    try( sock:send(hello) )
    try( sock:receive() )
    try( sock:send(request) )
    local reply = try( sock:receive() )

    -- Only replies carrying both fields produce a row.
    local uid, pid = reply:match("uid=(%d+)&pid=(%d+)")
    if uid and pid then
      tab.addrow( results, name, uid, pid )
    end

    try( sock:close() )
  end

  return "\n" .. tab.dump(results)

end
