9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Reads hard disk information (such as brand, model, and sometimes temperature) from a listening hddtemp service.
nmap -p 7634 -sV -sC <target>
7634/tcp open hddtemp
| hddtemp-info:
|_ /dev/sda: WDC WD2500JS-60MHB1: 38 C
local comm = require "comm"
local math = require "math"
local shortport = require "shortport"
local string = require "string"
local stringaux = require "stringaux"
local table = require "table"
description = [[
Reads hard disk information (such as brand, model, and sometimes temperature) from a listening hddtemp service.
]]
---
-- @usage
-- nmap -p 7634 -sV -sC <target>
--
-- @output
-- 7634/tcp open hddtemp
-- | hddtemp-info:
-- |_ /dev/sda: WDC WD2500JS-60MHB1: 38 C
--
-- @xmloutput
-- <table>
-- <elem key="label">WDC WD2500JS-60MHB1</elem>
-- <elem key="unit">C</elem>
-- <elem key="device">/dev/sda</elem>
-- <elem key="temperature">38</elem>
-- </table>
-- <table>
-- <elem key="label">WDC WD3200BPVT-75JJ5T0</elem>
-- <elem key="unit">C</elem>
-- <elem key="device">/dev/sdb</elem>
-- <elem key="temperature">41</elem>
-- </table>
author = "Toni Ruottu"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"default", "discovery", "safe"}
portrule = shortport.port_or_service (7634, "hddtemp", {"tcp"})
local fmt_meta = {
__tostring = function (t)
return string.format("%s: %s: %s %s", t.device, t.label, t.temperature, t.unit)
end
}
action = function( host, port )
-- 5000B should be enough for 100 disks
local status, data = comm.get_banner(host, port, {bytes=5000})
if not status then
return
end
local separator = string.sub(data, 1, 1)
local fields = stringaux.strsplit(separator, data)
local info = {}
local disks = math.floor((# fields) / 5)
for i = 0, (disks - 1) do
local start = i * 5
local diskinfo = {
device = fields[start + 2],
label = fields[start + 3],
temperature = fields[start + 4],
unit = fields[start + 5],
}
setmetatable(diskinfo, fmt_meta)
table.insert(info, diskinfo)
end
return info
end
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%